Class: Aws::S3::Object

Inherits:

Object

• Object
• Aws::S3::Object

Defined in:

gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb,
gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes

• #accept_ranges ⇒ String

  Indicates that a range of bytes was specified.

• #archive_status ⇒ String

  The archive state of the head object.

• #bucket_key_enabled ⇒ Boolean

  Indicates whether the object uses an S3 Bucket Key for server-side encryption with Key Management Service (KMS) keys (SSE-KMS).

• #bucket_name ⇒ String
• #cache_control ⇒ String

  Specifies caching behavior along the request/reply chain.

• #checksum_crc32 ⇒ String

  The Base64 encoded, 32-bit CRC32 checksum of the object.

• #checksum_crc32c ⇒ String

  The Base64 encoded, 32-bit CRC32C checksum of the object.

• #checksum_crc64nvme ⇒ String

  The Base64 encoded, 64-bit CRC64NVME checksum of the object.

• #checksum_sha1 ⇒ String

  The Base64 encoded, 160-bit SHA1 digest of the object.

• #checksum_sha256 ⇒ String

  The Base64 encoded, 256-bit SHA256 digest of the object.

• #checksum_type ⇒ String

  The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects.

• #content_disposition ⇒ String

  Specifies presentational information for the object.

• #content_encoding ⇒ String

  Indicates what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

• #content_language ⇒ String

  The language the content is in.

• #content_length ⇒ Integer (also: #size)

  Size of the body in bytes.

• #content_range ⇒ String

  The portion of the object returned in the response for a GET request.

• #content_type ⇒ String

  A standard MIME type describing the format of the object data.

• #delete_marker ⇒ Boolean

  Specifies whether the object retrieved was (true) or was not (false) a Delete Marker.

• #etag ⇒ String

  An entity tag (ETag) is an opaque identifier assigned by a web server to a specific version of a resource found at a URL.

• #expiration ⇒ String

  If the object expiration is configured (see [ PutBucketLifecycleConfiguration ][1]), the response includes this header.

• #expires ⇒ Time

  The date and time at which the object is no longer cacheable.

• #expires_string ⇒ String
• #key ⇒ String
• #last_modified ⇒ Time

  Date and time when the object was last modified.

• #metadata ⇒ Hash<String,String>

  A map of metadata to store with the object in S3.

• #missing_meta ⇒ Integer

  This is set to the number of metadata entries not returned in x-amz-meta headers.

• #object_lock_legal_hold_status ⇒ String

  Specifies whether a legal hold is in effect for this object.

• #object_lock_mode ⇒ String

  The Object Lock mode, if any, that's in effect for this object.

• #object_lock_retain_until_date ⇒ Time

  The date and time when the Object Lock retention period expires.

• #parts_count ⇒ Integer

  The count of parts this object has.

• #replication_status ⇒ String

  Amazon S3 can return this header if your request involves a bucket that is either a source or a destination in a replication rule.

• #request_charged ⇒ String

  If present, indicates that the requester was successfully charged for the request.

• #restore ⇒ String

  If the object is an archived object (an object whose storage class is GLACIER), the response includes this header if either the archive restoration is in progress (see [RestoreObject][1] or an archive copy is already restored.

• #server_side_encryption ⇒ String

  The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx.

• #sse_customer_algorithm ⇒ String

  If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used.

• #sse_customer_key_md5 ⇒ String

  If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key.

• #ssekms_key_id ⇒ String

  If present, indicates the ID of the KMS key that was used for object encryption.

• #storage_class ⇒ String

  Provides storage class information of the object.

• #tag_count ⇒ Integer

  The number of tags, if any, on the object, when you have the relevant permission to read object tags.

• #version_id ⇒ String

  Version ID of the object.

• #website_redirect_location ⇒ String

  If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL.

Actions

• #copy_from(source, options = {}) ⇒ Object

  Copies another object to this object.

• #delete(options = {}) ⇒ Types::DeleteObjectOutput
• #get(options = {}, &block) ⇒ Types::GetObjectOutput
• #head(options = {}) ⇒ Types::HeadObjectOutput
• #initiate_multipart_upload(options = {}) ⇒ MultipartUpload
• #put(options = {}) ⇒ Types::PutObjectOutput
• #restore_object(options = {}) ⇒ Types::RestoreObjectOutput

Associations

• #acl ⇒ ObjectAcl
• #bucket ⇒ Bucket
• #multipart_upload(id) ⇒ MultipartUpload
• #version(id) ⇒ ObjectVersion

Instance Method Summary

• #client ⇒ Client
• #copy_to(target, options = {}) ⇒ Object

  Copies this object to another object.

• #data ⇒ Types::HeadObjectOutput

  Returns the data for this Object.

• #data_loaded? ⇒ Boolean

  Returns true if this resource is loaded.

• #download_file(destination, options = {}) ⇒ Boolean

  Downloads a file in S3 to a path on disk.

• #exists?(options = {}) ⇒ Boolean

  Returns true if the Object exists.

• #initialize(*args) ⇒ Object constructor

  A new instance of Object.

• #load ⇒ self (also: #reload)

  Loads, or reloads #data for the current Object.

• #move_to(target, options = {}) ⇒ void

  Copies and deletes the current object.

• #presigned_post(options = {}) ⇒ PresignedPost

  Creates a PresignedPost that makes it easy to upload a file from a web browser direct to Amazon S3 using an HTML post form with a file field.

• #presigned_request(method, params = {}) ⇒ String, Hash

  Allows you to create presigned URL requests for S3 operations.

• #presigned_url(method, params = {}) ⇒ String

  Generates a pre-signed URL for this object.

• #public_url(options = {}) ⇒ String

  Returns the public (un-signed) URL for this object.

• #upload_file(source, options = {}) {|response| ... } ⇒ Boolean

  Uploads a file from disk to the current object in S3.

• #upload_stream(options = {}, &block) ⇒ Boolean

  Uploads a stream in a streaming fashion to the current object in S3.

• #wait_until(options = {}) {|resource| ... } ⇒ Resource deprecated Deprecated.

  Use [Aws::S3::Client] #wait_until instead

• #wait_until_exists(options = {}, &block) ⇒ Object
• #wait_until_not_exists(options = {}, &block) ⇒ Object

Constructor Details

#initialize(bucket_name, key, options = {}) ⇒ Object #initialize(options = {}) ⇒ Object

Returns a new instance of Object.

Overloads:

• #initialize(bucket_name, key, options = {}) ⇒ Object

  Parameters:

  • bucket_name (String)
  • key (String)

  Options Hash (options):

  • :client (Client)
• #initialize(options = {}) ⇒ Object

  Options Hash (options):

  • :bucket_name (required, String)
  • :key (required, String)
  • :client (Client)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 24

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @bucket_name = extract_bucket_name(args, options)
  @key = extract_key(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
  @waiter_block_warned = false
end

Instance Method Details

#accept_ranges ⇒ String

Indicates that a range of bytes was specified.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 59

def accept_ranges
  data[:accept_ranges]
end

#acl ⇒ ObjectAcl

Returns:

• (ObjectAcl)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3430

def acl
  ObjectAcl.new(
    bucket_name: @bucket_name,
    object_key: @key,
    client: @client
  )
end

#archive_status ⇒ String

The archive state of the head object.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 122

def archive_status
  data[:archive_status]
end

#bucket ⇒ Bucket

Returns:

• (Bucket)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3439

def bucket
  Bucket.new(
    name: @bucket_name,
    client: @client
  )
end

#bucket_key_enabled ⇒ Boolean

Indicates whether the object uses an S3 Bucket Key for server-side encryption with Key Management Service (KMS) keys (SSE-KMS).

Returns:

• (Boolean)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 379

def bucket_key_enabled
  data[:bucket_key_enabled]
end

#bucket_name ⇒ String

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 36

def bucket_name
  @bucket_name
end

#cache_control ⇒ String

Specifies caching behavior along the request/reply chain.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 266

def cache_control
  data[:cache_control]
end

#checksum_crc32 ⇒ String

The Base64 encoded, 32-bit CRC32 checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 151

def checksum_crc32
  data[:checksum_crc32]
end

#checksum_crc32c ⇒ String

The Base64 encoded, 32-bit CRC32C checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 168

def checksum_crc32c
  data[:checksum_crc32c]
end

#checksum_crc64nvme ⇒ String

The Base64 encoded, 64-bit CRC64NVME checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 180

def checksum_crc64nvme
  data[:checksum_crc64nvme]
end

#checksum_sha1 ⇒ String

The Base64 encoded, 160-bit SHA1 digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 197

def checksum_sha1
  data[:checksum_sha1]
end

#checksum_sha256 ⇒ String

The Base64 encoded, 256-bit SHA256 digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 214

def checksum_sha256
  data[:checksum_sha256]
end

#checksum_type ⇒ String

The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header response to verify that the checksum type that is received is the same checksum type that was specified in CreateMultipartUpload request. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 229

def checksum_type
  data[:checksum_type]
end

#client ⇒ Client

Returns:

• (Client)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 546

def client
  @client
end

#content_disposition ⇒ String

Specifies presentational information for the object.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 272

def content_disposition
  data[:content_disposition]
end

#content_encoding ⇒ String

Indicates what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 280

def content_encoding
  data[:content_encoding]
end

#content_language ⇒ String

The language the content is in.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 286

def content_language
  data[:content_language]
end

#content_length ⇒ Integer Also known as: size

Size of the body in bytes.

Returns:

• (Integer)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 134

def content_length
  data[:content_length]
end

#content_range ⇒ String

The portion of the object returned in the response for a GET request.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 299

def content_range
  data[:content_range]
end

#content_type ⇒ String

A standard MIME type describing the format of the object data.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 292

def content_type
  data[:content_type]
end

#copy_from(source, options = {}) ⇒ Object

Copies another object to this object. Use multipart_copy: true for large objects. This is required for objects that exceed 5GB.

Examples:

Basic object copy

bucket = Aws::S3::Bucket.new('target-bucket')
object = bucket.object('target-key')

# source as String
object.copy_from('source-bucket/source-key')

# source as Hash
object.copy_from(bucket:'source-bucket', key:'source-key')

# source as Aws::S3::Object
object.copy_from(bucket.object('source-key'))

Managed copy of large objects

# uses multipart upload APIs to copy object
object.copy_from('src-bucket/src-key', multipart_copy: true)

Parameters:

• source (S3::Object, S3::ObjectVersion, S3::ObjectSummary, String, Hash) —

  Where to copy object data from. source must be one of the following:

  • Aws::S3::Object
  • Aws::S3::ObjectSummary
  • Aws::S3::ObjectVersion
  • Hash - with :bucket and :key and optional :version_id
  • String - formatted like "source-bucket-name/uri-escaped-key" or "source-bucket-name/uri-escaped-key?versionId=version-id"
• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :multipart_copy (Boolean) — default: false —

  When true, the object will be copied using the multipart APIs. This is necessary for objects larger than 5GB and can provide performance improvements on large objects. Amazon S3 does not accept multipart copies for objects smaller than 5MB. Object metadata such as Content-Type will be copied, however, Checksums are not copied.

• :content_length (Integer) —

  Only used when :multipart_copy is true. Passing this options avoids a HEAD request to query the source object size but prevents object metadata from being copied. Raises an ArgumentError if this option is provided when :multipart_copy is false or not set.

• :copy_source_client (S3::Client) —

  Only used when :multipart_copy is true and the source object is in a different region. You do not need to specify this option if you have provided :content_length.

• :copy_source_region (String) —

  Only used when :multipart_copy is true and the source object is in a different region. You do not need to specify this option if you have provided a :source_client or a :content_length.

• :use_source_parts (Boolean) — default: false —

  Only used when :multipart_copy is true. Use part sizes defined on the source object if any exist. If copying or moving an object that is already multipart, this does not re-part the object, instead re-using the part definitions on the original. That means the etag and any checksums will not change. This is especially useful if the source object has parts with varied sizes.

See Also:

• #copy_to

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 1500

def copy_from(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.copy_object(options)
  end
  resp.data
end

#copy_to(target, options = {}) ⇒ Object

Note:

If you need to copy to a bucket in a different region, use #copy_from.

Copies this object to another object. Use multipart_copy: true for large objects. This is required for objects that exceed 5GB.

Examples:

Basic object copy

bucket = Aws::S3::Bucket.new('source-bucket')
object = bucket.object('source-key')

# target as String
object.copy_to('target-bucket/target-key')

# target as Hash
object.copy_to(bucket: 'target-bucket', key: 'target-key')

# target as Aws::S3::Object
object.copy_to(bucket.object('target-key'))

Managed copy of large objects

# uses multipart upload APIs to copy object
object.copy_to('src-bucket/src-key', multipart_copy: true)

Parameters:

• target (S3::Object, String, Hash) —

  Where to copy the object data to. target must be one of the following:

  • Aws::S3::Object
  • Hash - with :bucket and :key
  • String - formatted like "target-bucket-name/target-key"

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 121

def copy_to(target, options = {})
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    ObjectCopier.new(self, options).copy_to(target, options)
  end
end

#data ⇒ Types::HeadObjectOutput

Returns the data for this Aws::S3::Object. Calls Client#head_object if #data_loaded? is false.

Returns:

• (Types::HeadObjectOutput) —

  Returns the data for this Aws::S3::Object. Calls Client#head_object if #data_loaded? is false.

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 571

def data
  load unless @data
  @data
end

#data_loaded? ⇒ Boolean

Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

• (Boolean) —

  Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 579

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ Types::DeleteObjectOutput

Examples:

Request syntax with placeholder values

object.delete({
  mfa: "MFA",
  version_id: "ObjectVersionId",
  request_payer: "requester", # accepts requester
  bypass_governance_retention: false,
  expected_bucket_owner: "AccountId",
  if_match: "IfMatch",
  if_match_last_modified_time: Time.now,
  if_match_size: 1,
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :mfa (String) —

  The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled.

  This functionality is not supported for directory buckets.

• :version_id (String) —

  Version ID used to reference a specific version of the object.

  For directory buckets in this API operation, only the null value of the version ID is supported.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :bypass_governance_retention (Boolean) —

  Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have the s3:BypassGovernanceRetention permission.

  This functionality is not supported for directory buckets.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :if_match (String) —

  Deletes the object if the ETag (entity tag) value provided during the delete operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a 412 Precondition Failed error.

  Expects the ETag value as a string. If-Match does accept a string value of an '*' (asterisk) character to denote a match of any ETag.

  For more information about conditional requests, see RFC 7232.

• :if_match_last_modified_time (Time, DateTime, Date, Integer, String) —

  If present, the object is deleted only if its modification times matches the provided Timestamp. If the Timestamp values do not match, the operation returns a 412 Precondition Failed error. If the Timestamp matches or if the object doesn’t exist, the operation returns a 204 Success (No Content) response.

  This functionality is only supported for directory buckets.

• :if_match_size (Integer) —

  If present, the object is deleted only if its size matches the provided size in bytes. If the Size value does not match, the operation returns a 412 Precondition Failed error. If the Size matches or if the object doesn’t exist, the operation returns a 204 Success (No Content) response.

  This functionality is only supported for directory buckets.

  You can use the If-Match, x-amz-if-match-last-modified-time and x-amz-if-match-size conditional headers in conjunction with each-other or individually.

Returns:

• (Types::DeleteObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 1607

def delete(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.delete_object(options)
  end
  resp.data
end

#delete_marker ⇒ Boolean

Specifies whether the object retrieved was (true) or was not (false) a Delete Marker. If false, this response header does not appear in the response.

This functionality is not supported for directory buckets.

Returns:

• (Boolean)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 53

def delete_marker
  data[:delete_marker]
end

#download_file(destination, options = {}) ⇒ Boolean

Downloads a file in S3 to a path on disk.

# small files (< 5MB) are downloaded in a single API call
obj.download_file('/path/to/file')

Files larger than 5MB are downloaded using multipart method:

# large files are split into parts
# and the parts are downloaded in parallel
obj.download_file('/path/to/very_large_file')

You can provide a callback to monitor progress of the download:

# bytes and part_sizes are each an array with 1 entry per part
# part_sizes may not be known until the first bytes are retrieved
progress = proc do |bytes, part_sizes, file_size|
  puts bytes.map.with_index { |b, i| "Part #{i + 1}: #{b} / #{part_sizes[i]}" }.join(' ') + "Total: #{100.0 * bytes.sum / file_size}%"
end
obj.download_file('/path/to/file', progress_callback: progress)

Parameters:

• destination (String, Pathname, File, Tempfile) —

  Where to download the file to. This can either be a String or Pathname to the file, an open File object, or an open Tempfile object. If you pass an open File or Tempfile object, then you are responsible for closing it after the download completes. Download behavior varies by destination type:

  • String/Pathname paths: Downloads to a temporary file first, then atomically moves to the final destination. This prevents corruption of any existing file if the download fails.
  • File/Tempfile objects: Downloads directly to the file object without using temporary files. You are responsible for managing the file object's state and closing it after the download completes. If the download fails, the file object may contain partial data.
• options (Hash) (defaults to: {}) —

  Additional options for Client#get_object and #Client#head_object may be provided.

Options Hash (options):

• :mode (String) — default: "auto" —

  "auto", "single_request" or "get_range"

  • auto mode is enabled by default, which performs multipart_download
  • "single_request" mode forces only 1 GET request is made in download
  • "get_range" mode requires :chunk_size parameter to configured in customizing each range size
• :chunk_size (Integer) —

  required in "get_range" mode.

• :thread_count (Integer) — default: 10 —

  Customize threads used in the multipart download.

• :checksum_mode (String) — default: "ENABLED" —

  When "ENABLED" and the object has a stored checksum, it will be used to validate the download and will raise an Aws::Errors::ChecksumError if checksum validation fails. You may provide a on_checksum_validated callback if you need to verify that validation occurred and which algorithm was used. To disable checksum validation, set checksum_mode to "DISABLED".

• :on_checksum_validated (Callable) —

  Called each time a request's checksum is validated with the checksum algorithm and the response. For multipart downloads, this will be called for each part that is downloaded and validated.

• :progress_callback (Proc) —

  A Proc that will be called when each chunk of the download is received. It will be invoked with bytes_read, part_sizes, file_size. When the object is downloaded as parts (rather than by ranges), the part_sizes will not be known ahead of time and will be nil in the callback until the first bytes in the part are received.

Returns:

• (Boolean) —

  Returns true when the file is downloaded without any errors.

Raises:

• (MultipartDownloadError) —

  Raised when an object validation fails outside of service errors.

See Also:

• Client#get_object
• Client#head_object

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 542

def download_file(destination, options = {})
  download_opts = options.merge(bucket: bucket_name, key: key)
  executor = DefaultExecutor.new(max_threads: download_opts.delete([:thread_count]))
  downloader = FileDownloader.new(client: client, executor: executor)
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    downloader.download(destination, download_opts)
  end
  executor.shutdown
  true
end

#etag ⇒ String

An entity tag (ETag) is an opaque identifier assigned by a web server to a specific version of a resource found at a URL.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 236

def etag
  data[:etag]
end

#exists?(options = {}) ⇒ Boolean

Returns true if the Object exists.

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (Boolean) —

  Returns true if the Object exists.

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 586

def exists?(options = {})
  begin
    wait_until_exists(options.merge(max_attempts: 1))
    true
  rescue Aws::Waiters::Errors::UnexpectedError => e
    raise e.error
  rescue Aws::Waiters::Errors::WaiterFailed
    false
  end
end

#expiration ⇒ String

If the object expiration is configured (see PutBucketLifecycleConfiguration ), the response includes this header. It includes the expiry-date and rule-id key-value pairs providing object expiration information. The value of the rule-id is URL-encoded.

Object expiration information is not returned in directory buckets and this header returns the value "NotImplemented" in all responses for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 79

def expiration
  data[:expiration]
end

#expires ⇒ Time

The date and time at which the object is no longer cacheable.

Returns:

• (Time)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 305

def expires
  data[:expires]
end

#expires_string ⇒ String

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 310

def expires_string
  data[:expires_string]
end

#get(options = {}, &block) ⇒ Types::GetObjectOutput

Examples:

Request syntax with placeholder values

object.get({
  if_match: "IfMatch",
  if_modified_since: Time.now,
  if_none_match: "IfNoneMatch",
  if_unmodified_since: Time.now,
  range: "Range",
  response_cache_control: "ResponseCacheControl",
  response_content_disposition: "ResponseContentDisposition",
  response_content_encoding: "ResponseContentEncoding",
  response_content_language: "ResponseContentLanguage",
  response_content_type: "ResponseContentType",
  response_expires: Time.now,
  version_id: "ObjectVersionId",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  request_payer: "requester", # accepts requester
  part_number: 1,
  expected_bucket_owner: "AccountId",
  checksum_mode: "ENABLED", # accepts ENABLED
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :if_match (String) —

  Return the object only if its entity tag (ETag) is the same as the one specified in this header; otherwise, return a 412 Precondition Failed error.

  If both of the If-Match and If-Unmodified-Since headers are present in the request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since condition evaluates to false; then, S3 returns 200 OK and the data requested.

  For more information about conditional requests, see RFC 7232.

• :if_modified_since (Time, DateTime, Date, Integer, String) —

  Return the object only if it has been modified since the specified time; otherwise, return a 304 Not Modified error.

  If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since condition evaluates to true; then, S3 returns 304 Not Modified status code.

  For more information about conditional requests, see RFC 7232.

• :if_none_match (String) —

  Return the object only if its entity tag (ETag) is different from the one specified in this header; otherwise, return a 304 Not Modified error.

  If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since condition evaluates to true; then, S3 returns 304 Not Modified HTTP status code.

  For more information about conditional requests, see RFC 7232.

• :if_unmodified_since (Time, DateTime, Date, Integer, String) —

  Return the object only if it has not been modified since the specified time; otherwise, return a 412 Precondition Failed error.

  If both of the If-Match and If-Unmodified-Since headers are present in the request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since condition evaluates to false; then, S3 returns 200 OK and the data requested.

  For more information about conditional requests, see RFC 7232.

• :range (String) —

  Downloads the specified byte range of an object. For more information about the HTTP Range header, see https://www.rfc-editor.org/rfc/rfc9110.html#name-range.

  Amazon S3 doesn't support retrieving multiple ranges of data per GET request.

• :response_cache_control (String) —

  Sets the Cache-Control header of the response.

• :response_content_disposition (String) —

  Sets the Content-Disposition header of the response.

• :response_content_encoding (String) —

  Sets the Content-Encoding header of the response.

• :response_content_language (String) —

  Sets the Content-Language header of the response.

• :response_content_type (String) —

  Sets the Content-Type header of the response.

• :response_expires (Time, DateTime, Date, Integer, String) —

  Sets the Expires header of the response.

• :version_id (String) —

  Version ID used to reference a specific version of the object.

  By default, the GetObject operation returns the current version of an object. To return a different version, use the versionId subresource.

  * If you include a versionId in your request header, you must have the s3:GetObjectVersion permission to access a specific version of an object. The s3:GetObject permission is not required in this scenario.

  • If you request the current version of an object without a specific versionId in the request header, only the s3:GetObject permission is required. The s3:GetObjectVersion permission is not required in this scenario.

  • Directory buckets - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null to the versionId query parameter in the request.

  For more information about versioning, see PutBucketVersioning.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when decrypting the object (for example, AES256).

  If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

  • x-amz-server-side-encryption-customer-algorithm

  • x-amz-server-side-encryption-customer-key

  • x-amz-server-side-encryption-customer-key-MD5

  For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key that you originally provided for Amazon S3 to encrypt the data before storing it. This value is used to decrypt the object when recovering it and must match the one used when storing the data. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

  • x-amz-server-side-encryption-customer-algorithm

  • x-amz-server-side-encryption-customer-key

  • x-amz-server-side-encryption-customer-key-MD5

  For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

  • x-amz-server-side-encryption-customer-algorithm

  • x-amz-server-side-encryption-customer-key

  • x-amz-server-side-encryption-customer-key-MD5

  For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :part_number (Integer) —

  Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :checksum_mode (String) —

  To retrieve the checksum, this mode must be enabled.

Returns:

• (Types::GetObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 1863

def get(options = {}, &block)
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.get_object(options, &block)
  end
  resp.data
end

#head(options = {}) ⇒ Types::HeadObjectOutput

Examples:

Request syntax with placeholder values

object.head({
  if_match: "IfMatch",
  if_modified_since: Time.now,
  if_none_match: "IfNoneMatch",
  if_unmodified_since: Time.now,
  range: "Range",
  response_cache_control: "ResponseCacheControl",
  response_content_disposition: "ResponseContentDisposition",
  response_content_encoding: "ResponseContentEncoding",
  response_content_language: "ResponseContentLanguage",
  response_content_type: "ResponseContentType",
  response_expires: Time.now,
  version_id: "ObjectVersionId",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  request_payer: "requester", # accepts requester
  part_number: 1,
  expected_bucket_owner: "AccountId",
  checksum_mode: "ENABLED", # accepts ENABLED
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :if_match (String) —

  Return the object only if its entity tag (ETag) is the same as the one specified; otherwise, return a 412 (precondition failed) error.

  If both of the If-Match and If-Unmodified-Since headers are present in the request as follows:

  • If-Match condition evaluates to true, and;

  • If-Unmodified-Since condition evaluates to false;

  Then Amazon S3 returns 200 OK and the data requested.

  For more information about conditional requests, see RFC 7232.

• :if_modified_since (Time, DateTime, Date, Integer, String) —

  Return the object only if it has been modified since the specified time; otherwise, return a 304 (not modified) error.

  If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:

  • If-None-Match condition evaluates to false, and;

  • If-Modified-Since condition evaluates to true;

  Then Amazon S3 returns the 304 Not Modified response code.

  For more information about conditional requests, see RFC 7232.

• :if_none_match (String) —

  Return the object only if its entity tag (ETag) is different from the one specified; otherwise, return a 304 (not modified) error.

  If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:

  • If-None-Match condition evaluates to false, and;

  • If-Modified-Since condition evaluates to true;

  Then Amazon S3 returns the 304 Not Modified response code.

  For more information about conditional requests, see RFC 7232.

• :if_unmodified_since (Time, DateTime, Date, Integer, String) —

  Return the object only if it has not been modified since the specified time; otherwise, return a 412 (precondition failed) error.

  If both of the If-Match and If-Unmodified-Since headers are present in the request as follows:

  • If-Match condition evaluates to true, and;

  • If-Unmodified-Since condition evaluates to false;

  Then Amazon S3 returns 200 OK and the data requested.

  For more information about conditional requests, see RFC 7232.

• :range (String) —

  HeadObject returns only the metadata for an object. If the Range is satisfiable, only the ContentLength is affected in the response. If the Range is not satisfiable, S3 returns a 416 - Requested Range Not Satisfiable error.

• :response_cache_control (String) —

  Sets the Cache-Control header of the response.

• :response_content_disposition (String) —

  Sets the Content-Disposition header of the response.

• :response_content_encoding (String) —

  Sets the Content-Encoding header of the response.

• :response_content_language (String) —

  Sets the Content-Language header of the response.

• :response_content_type (String) —

  Sets the Content-Type header of the response.

• :response_expires (Time, DateTime, Date, Integer, String) —

  Sets the Expires header of the response.

• :version_id (String) —

  Version ID used to reference a specific version of the object.

  For directory buckets in this API operation, only the null value of the version ID is supported.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when encrypting the object (for example, AES256).

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  This functionality is not supported for directory buckets.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :part_number (Integer) —

  Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' HEAD request for the part specified. Useful querying about the size of the part and the number of parts in this object.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :checksum_mode (String) —

  To retrieve the checksum, this parameter must be enabled.

  General purpose buckets - If you enable checksum mode and the object is uploaded with a checksum and encrypted with an Key Management Service (KMS) key, you must have permission to use the kms:Decrypt action to retrieve the checksum.

  Directory buckets - If you enable ChecksumMode and the object is encrypted with Amazon Web Services Key Management Service (Amazon Web Services KMS), you must also have the kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies and KMS key policies for the KMS key to retrieve the checksum of the object.

Returns:

• (Types::HeadObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3416

def head(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.head_object(options)
  end
  resp.data
end

#initiate_multipart_upload(options = {}) ⇒ MultipartUpload

Examples:

Request syntax with placeholder values

multipartupload = object.initiate_multipart_upload({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  cache_control: "CacheControl",
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_type: "ContentType",
  expires: Time.now,
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
  checksum_type: "COMPOSITE", # accepts COMPOSITE, FULL_OBJECT
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :acl (String) —

  The canned ACL to apply to the object. Amazon S3 supports a set of predefined ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and permissions. For more information, see Canned ACL in the Amazon S3 User Guide.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can grant access permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the access control list (ACL) on the new object. For more information, see Using ACLs. One way to grant the permissions using the request headers is to specify a canned ACL with the x-amz-acl request header.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :cache_control (String) —

  Specifies caching behavior along the request/reply chain.

• :content_disposition (String) —

  Specifies presentational information for the object.

• :content_encoding (String) —

  Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

  For directory buckets, only the aws-chunked value is supported in this header field.

• :content_language (String) —

  The language that the content is in.

• :content_type (String) —

  A standard MIME type describing the format of the object data.

• :expires (Time, DateTime, Date, Integer, String) —

  The date and time at which the object is no longer cacheable.

• :grant_full_control (String) —

  Specify access permissions explicitly to give the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read (String) —

  Specify access permissions explicitly to allow grantee to read the object data and its metadata.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read_acp (String) —

  Specify access permissions explicitly to allows grantee to read the object ACL.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_write_acp (String) —

  Specify access permissions explicitly to allows grantee to allow grantee to write the ACL for the applicable object.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :metadata (Hash<String,String>) —

  A map of metadata to store with the object in S3.

• :server_side_encryption (String) —

  The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx.

  • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

    In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket.

    When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.

  • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

• :storage_class (String) —

  By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide.

  * Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

  • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.

• :website_redirect_location (String) —

  If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

  This functionality is not supported for directory buckets.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when encrypting the object (for example, AES256).

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  This functionality is not supported for directory buckets.

• :ssekms_key_id (String) —

  Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

  General purpose buckets - If you specify x-amz-server-side-encryption with aws:kms or aws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

  Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

• :ssekms_encryption_context (String) —

  Specifies the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs.

  Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

• :bucket_key_enabled (Boolean) —

  Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

  General purpose buckets - Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

  Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :tagging (String) —

  The tag-set for the object. The tag-set must be encoded as URL Query parameters.

  This functionality is not supported for directory buckets.

• :object_lock_mode (String) —

  Specifies the Object Lock mode that you want to apply to the uploaded object.

  This functionality is not supported for directory buckets.

• :object_lock_retain_until_date (Time, DateTime, Date, Integer, String) —

  Specifies the date and time when you want the Object Lock to expire.

  This functionality is not supported for directory buckets.

• :object_lock_legal_hold_status (String) —

  Specifies whether you want to apply a legal hold to the uploaded object.

  This functionality is not supported for directory buckets.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :checksum_algorithm (String) —

  Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_type (String) —

  Indicates the checksum type that you want Amazon S3 to use to calculate the object’s checksum value. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (MultipartUpload)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 2447

def initiate_multipart_upload(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.create_multipart_upload(options)
  end
  MultipartUpload.new(
    bucket_name: @bucket_name,
    object_key: @key,
    id: resp.data.upload_id,
    client: @client
  )
end

#key ⇒ String

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 41

def key
  @key
end

#last_modified ⇒ Time

Date and time when the object was last modified.

Returns:

• (Time)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 128

def last_modified
  data[:last_modified]
end

#load ⇒ self Also known as: reload

Loads, or reloads #data for the current Aws::S3::Object. Returns self making it possible to chain methods.

object.reload.data

Returns:

• (self)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 556

def load
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.head_object(
    bucket: @bucket_name,
    key: @key
  )
  end
  @data = resp.data
  self
end

#metadata ⇒ Hash<String,String>

A map of metadata to store with the object in S3.

Returns:

• (Hash<String,String>)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 340

def metadata
  data[:metadata]
end

#missing_meta ⇒ Integer

This is set to the number of metadata entries not returned in x-amz-meta headers. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers.

This functionality is not supported for directory buckets.

Returns:

• (Integer)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 250

def missing_meta
  data[:missing_meta]
end

#move_to(target, options = {}) ⇒ void

This method returns an undefined value.

Copies and deletes the current object. The object will only be deleted if the copy operation succeeds.

Parameters:

• target (S3::Object, String, Hash) —

  Where to copy the object data to. target must be one of the following:

  • Aws::S3::Object
  • Hash - with :bucket and :key
  • String - formatted like "target-bucket-name/target-key"

See Also:

• #copy_to
• #delete

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 135

def move_to(target, options = {})
  copy_to(target, options)
  delete
end

#multipart_upload(id) ⇒ MultipartUpload

Parameters:

• id (String)

Returns:

• (MultipartUpload)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3448

def multipart_upload(id)
  MultipartUpload.new(
    bucket_name: @bucket_name,
    object_key: @key,
    id: id,
    client: @client
  )
end

#object_lock_legal_hold_status ⇒ String

Specifies whether a legal hold is in effect for this object. This header is only returned if the requester has the s3:GetObjectLegalHold permission. This header is not returned if the specified version of this object has never had a legal hold applied. For more information about S3 Object Lock, see Object Lock.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 539

def object_lock_legal_hold_status
  data[:object_lock_legal_hold_status]
end

#object_lock_mode ⇒ String

The Object Lock mode, if any, that's in effect for this object. This header is only returned if the requester has the s3:GetObjectRetention permission. For more information about S3 Object Lock, see Object Lock.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 509

def object_lock_mode
  data[:object_lock_mode]
end

#object_lock_retain_until_date ⇒ Time

The date and time when the Object Lock retention period expires. This header is only returned if the requester has the s3:GetObjectRetention permission.

This functionality is not supported for directory buckets.

Returns:

• (Time)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 521

def object_lock_retain_until_date
  data[:object_lock_retain_until_date]
end

#parts_count ⇒ Integer

The count of parts this object has. This value is only returned if you specify partNumber in your request and the object was uploaded as a multipart upload.

Returns:

• (Integer)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 474

def parts_count
  data[:parts_count]
end

#presigned_post(options = {}) ⇒ PresignedPost

Creates a PresignedPost that makes it easy to upload a file from a web browser direct to Amazon S3 using an HTML post form with a file field.

See the PresignedPost documentation for more information.

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :use_accelerate_endpoint (Boolean) — default: false —

  When true, PresignedPost will attempt to use accelerated endpoint.

• :url (String) —

  See PresignedPost#url.

• :allow_any (Sting, Array<String>) —

  See PresignedPost#allow_any.

• :signature_expiration (Time) —

  Specify when the signature on the post will expire. Defaults to one hour from creation of the presigned post. May not exceed one week from creation time.

• :key (String) —

  See PresignedPost#key.

• :key_starts_with (String) —

  See PresignedPost#key_starts_with.

• :acl (String) —

  See PresignedPost#acl.

• :acl_starts_with (String) —

  See PresignedPost#acl_starts_with.

• :cache_control (String) —

  See PresignedPost#cache_control.

• :cache_control_starts_with (String) —

  See PresignedPost#cache_control_starts_with.

• :content_type (String) —

  See PresignedPost#content_type.

• :content_type_starts_with (String) —

  See PresignedPost#content_type_starts_with.

• :content_disposition (String) —

  See PresignedPost#content_disposition.

• :content_disposition_starts_with (String) —

  See PresignedPost#content_disposition_starts_with.

• :content_encoding (String) —

  See PresignedPost#content_encoding.

• :content_encoding_starts_with (String) —

  See PresignedPost#content_encoding_starts_with.

• :expires (Time) —

  See PresignedPost#expires.

• :expires_starts_with (String) —

  See PresignedPost#expires_starts_with.

• :content_length_range (Range<Integer>) —

  See PresignedPost#content_length_range.

• :success_action_redirect (String) —

  See PresignedPost#success_action_redirect.

• :success_action_redirect_starts_with (String) —

  See PresignedPost#success_action_redirect_starts_with.

• :success_action_status (String) —

  See PresignedPost#success_action_status.

• :storage_class (String) —

  See PresignedPost#storage_class.

• :website_redirect_location (String) —

  See PresignedPost#website_redirect_location.

• :metadata (Hash<String,String>) —

  See PresignedPost#metadata.

• :metadata_starts_with (Hash<String,String>) —

  See PresignedPost#metadata_starts_with.

• :server_side_encryption (String) —

  See PresignedPost#server_side_encryption.

• :server_side_encryption_aws_kms_key_id (String) —

  See PresignedPost#server_side_encryption_aws_kms_key_id.

• :server_side_encryption_customer_algorithm (String) —

  See PresignedPost#server_side_encryption_customer_algorithm.

• :server_side_encryption_customer_key (String) —

  See PresignedPost#server_side_encryption_customer_key.

• :server_side_encryption_customer_key_starts_with (String) —

  See PresignedPost#server_side_encryption_customer_key_starts_with.

Returns:

• (PresignedPost)

See Also:

• PresignedPost

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 149

def presigned_post(options = {})
  PresignedPost.new(
    client.config.credentials,
    client.config.region,
    bucket_name,
    { key: key, url: bucket.url }.merge(options)
  )
end

#presigned_request(method, params = {}) ⇒ String, Hash

Allows you to create presigned URL requests for S3 operations. This method returns a tuple containing the URL and the signed X-amz-* headers to be used with the presigned url.

Examples:

Pre-signed GET URL, valid for one hour

obj.presigned_request(:get, expires_in: 3600)
#=> ["https://bucket-name.s3.amazonaws.com/object-key?...", {}]

Pre-signed PUT with a canned ACL

# the object uploaded using this URL will be publicly accessible
obj.presigned_request(:put, acl: 'public-read')
#=> ["https://bucket-name.s3.amazonaws.com/object-key?...",
 {"x-amz-acl"=>"public-read"}]

Parameters:

• method (Symbol) —

  The S3 operation to generate a presigned request for. Valid values are :get, :put, :head, :delete, :create_multipart_upload, :list_multipart_uploads, :complete_multipart_upload, :abort_multipart_upload, :list_parts, and :upload_part.

• params (Hash) (defaults to: {}) —

  Additional request parameters to use when generating the pre-signed request. See the related documentation in Client for accepted params.

  Method	Client Method
  :get	Client#get_object
  :put	Client#put_object
  :head	Client#head_object
  :delete	Client#delete_object
  :create_multipart_upload	Client#create_multipart_upload
  :list_multipart_uploads	Client#list_multipart_uploads
  :complete_multipart_upload	Client#complete_multipart_upload
  :abort_multipart_upload	Client#abort_multipart_upload
  :list_parts	Client#list_parts
  :upload_part	Client#upload_part

Options Hash (params):

• :virtual_host (Boolean) — default: false —

  When true the presigned URL will use the bucket name as a virtual host.

  bucket = Aws::S3::Bucket.new('my.bucket.com') bucket.object('key').presigned_request(virtual_host: true) #=> ["http://my.bucket.com/key?...", {}]

• :expires_in (Integer) — default: 900 —

  Number of seconds before the pre-signed URL expires. This may not exceed one week (604800 seconds). Note that the pre-signed URL is also only valid as long as credentials used to sign it are. For example, when using IAM roles, temporary tokens generated for signing also have a default expiration which will affect the effective expiration of the pre-signed URL.

Returns:

• (String, Hash) —

  A tuple with a presigned URL and headers that should be included with the request.

Raises:

• (ArgumentError) —

  Raised if :expires_in exceeds one week (604800 seconds).

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 293

def presigned_request(method, params = {})
  presigner = Presigner.new(client: client)

  if %w(delete head get put).include?(method.to_s)
    method = "#{method}_object".to_sym
  end

  presigner.presigned_request(
    method.downcase,
    params.merge(bucket: bucket_name, key: key)
  )
end

#presigned_url(method, params = {}) ⇒ String

Generates a pre-signed URL for this object.

Examples:

Pre-signed GET URL, valid for one hour

obj.presigned_url(:get, expires_in: 3600)
#=> "https://bucket-name.s3.amazonaws.com/object-key?..."

Pre-signed PUT with a canned ACL

# the object uploaded using this URL will be publicly accessible
obj.presigned_url(:put, acl: 'public-read')
#=> "https://bucket-name.s3.amazonaws.com/object-key?..."

Pre-signed UploadPart PUT

# the object uploaded using this URL will be publicly accessible
obj.presigned_url(:upload_part, part_number: 1, upload_id: 'uploadIdToken')
#=> "https://bucket-name.s3.amazonaws.com/object-key?..."

Parameters:

• method (Symbol) —

  The S3 operation to generate a presigned URL for. Valid values are :get, :put, :head, :delete, :create_multipart_upload, :list_multipart_uploads, :complete_multipart_upload, :abort_multipart_upload, :list_parts, and :upload_part.

• params (Hash) (defaults to: {}) —

  Additional request parameters to use when generating the pre-signed URL. See the related documentation in Client for accepted params.

  Method	Client Method
  :get	Client#get_object
  :put	Client#put_object
  :head	Client#head_object
  :delete	Client#delete_object
  :create_multipart_upload	Client#create_multipart_upload
  :list_multipart_uploads	Client#list_multipart_uploads
  :complete_multipart_upload	Client#complete_multipart_upload
  :abort_multipart_upload	Client#abort_multipart_upload
  :list_parts	Client#list_parts
  :upload_part	Client#upload_part

Options Hash (params):

• :virtual_host (Boolean) — default: false —

  When true the presigned URL will use the bucket name as a virtual host.

  bucket = Aws::S3::Bucket.new('my.bucket.com') bucket.object('key').presigned_url(virtual_host: true) #=> "http://my.bucket.com/key?..."

• :expires_in (Integer) — default: 900 —

  Number of seconds before the pre-signed URL expires. This may not exceed one week (604800 seconds). Note that the pre-signed URL is also only valid as long as credentials used to sign it are. For example, when using IAM roles, temporary tokens generated for signing also have a default expiration which will affect the effective expiration of the pre-signed URL.

Returns:

• (String)

Raises:

• (ArgumentError) —

  Raised if :expires_in exceeds one week (604800 seconds).

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 220

def presigned_url(method, params = {})
  presigner = Presigner.new(client: client)

  if %w(delete head get put).include?(method.to_s)
    method = "#{method}_object".to_sym
  end

  presigner.presigned_url(
    method.downcase,
    params.merge(bucket: bucket_name, key: key)
  )
end

#public_url(options = {}) ⇒ String

Returns the public (un-signed) URL for this object.

s3.bucket('bucket-name').object('obj-key').public_url
#=> "https://bucket-name.s3.amazonaws.com/obj-key"

To use virtual hosted bucket url. Uses https unless secure: false is set. If the bucket name contains dots (.) then you will need to set secure: false.

s3.bucket('my-bucket.com').object('key')
  .public_url(virtual_host: true)
#=> "https://my-bucket.com/key"

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :virtual_host (Boolean) — default: false —

  When true, the bucket name will be used as the host name. This is useful when you have a CNAME configured for the bucket.

• :secure (Boolean) — default: true —

  When false, http will be used with virtual_host. This is required when the bucket name has a dot (.) in it.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 328

def public_url(options = {})
  url = URI.parse(bucket.url(options))
  url.path += '/' unless url.path[-1] == '/'
  url.path += key.gsub(/[^\/]+/) { |s| Seahorse::Util.uri_escape(s) }
  url.to_s
end

#put(options = {}) ⇒ Types::PutObjectOutput

Examples:

Request syntax with placeholder values

object.put({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  body: source_file,
  cache_control: "CacheControl",
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_length: 1,
  content_md5: "ContentMD5",
  content_type: "ContentType",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
  checksum_crc32: "ChecksumCRC32",
  checksum_crc32c: "ChecksumCRC32C",
  checksum_crc64nvme: "ChecksumCRC64NVME",
  checksum_sha1: "ChecksumSHA1",
  checksum_sha256: "ChecksumSHA256",
  expires: Time.now,
  if_match: "IfMatch",
  if_none_match: "IfNoneMatch",
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  write_offset_bytes: 1,
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :acl (String) —

  The canned ACL to apply to the object. For more information, see Canned ACL in the Amazon S3 User Guide.

  When adding a new object, you can use headers to grant ACL-based permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the ACL on the object. By default, all objects are private. Only the owner has full access control. For more information, see Access Control List (ACL) Overview and Managing ACLs Using the REST API in the Amazon S3 User Guide.

  If the bucket that you're uploading objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept PUT requests that don't specify an ACL or PUT requests that specify bucket owner full control ACLs, such as the bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that contain other ACLs (for example, custom grants to certain Amazon Web Services accounts) fail and return a 400 error with the error code AccessControlListNotSupported. For more information, see Controlling ownership of objects and disabling ACLs in the Amazon S3 User Guide.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :body (String, StringIO, File) —

  Object data.

• :cache_control (String) —

  Can be used to specify caching behavior along the request/reply chain. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.

• :content_disposition (String) —

  Specifies presentational information for the object. For more information, see https://www.rfc-editor.org/rfc/rfc6266#section-4.

• :content_encoding (String) —

  Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding.

• :content_language (String) —

  The language the content is in.

• :content_length (Integer) —

  Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length.

• :content_md5 (String) —

  The Base64 encoded 128-bit MD5 digest of the message (without the headers) according to RFC 1864. This header can be used as a message integrity check to verify that the data is the same data that was originally sent. Although it is optional, we recommend using the Content-MD5 mechanism as an end-to-end integrity check. For more information about REST request authentication, see REST Authentication.

  The Content-MD5 or x-amz-sdk-checksum-algorithm header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see Uploading objects to an Object Lock enabled bucket in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :content_type (String) —

  A standard MIME type describing the format of the contents. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type.

• :checksum_algorithm (String) —

  Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request.

  For the x-amz-checksum-algorithm header, replace algorithm with the supported algorithm from the following list:

  • CRC32

  • CRC32C

  • CRC64NVME

  • SHA1

  • SHA256

  For more information, see Checking object integrity in the Amazon S3 User Guide.

  If the individual checksum value you provide through x-amz-checksum-algorithm doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, Amazon S3 fails the request with a BadDigest error.

  The Content-MD5 or x-amz-sdk-checksum-algorithm header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see Uploading objects to an Object Lock enabled bucket in the Amazon S3 User Guide.

  For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the default checksum algorithm that's used for performance.

• :checksum_crc32 (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit CRC32 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_crc32c (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit CRC32C checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_crc64nvme (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit CRC64NVME checksum of the object. The CRC64NVME checksum is always a full object checksum. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_sha1 (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit SHA1 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_sha256 (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit SHA256 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :expires (Time, DateTime, Date, Integer, String) —

  The date and time at which the object is no longer cacheable. For more information, see https://www.rfc-editor.org/rfc/rfc7234#section-5.3.

• :if_match (String) —

  Uploads the object only if the ETag (entity tag) value provided during the WRITE operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a 412 Precondition Failed error.

  If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should fetch the object's ETag and retry the upload.

  Expects the ETag value as a string.

  For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

• :if_none_match (String) —

  Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a 412 Precondition Failed error.

  If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should retry the upload.

  Expects the '*' (asterisk) character.

  For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

• :grant_full_control (String) —

  Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read (String) —

  Allows grantee to read the object data and its metadata.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read_acp (String) —

  Allows grantee to read the object ACL.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_write_acp (String) —

  Allows grantee to write the ACL for the applicable object.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :write_offset_bytes (Integer) —

  Specifies the offset for appending data to existing objects in bytes. The offset must be equal to the size of the existing object being appended to. If no object exists, setting this header to 0 will create a new object.

  This functionality is only supported for objects in the Amazon S3 Express One Zone storage class in directory buckets.

• :metadata (Hash<String,String>) —

  A map of metadata to store with the object in S3.

• :server_side_encryption (String) —

  The server-side encryption algorithm that was used when you store this object in Amazon S3 or Amazon FSx.

  • General purpose buckets - You have four mutually exclusive options to protect data using server-side encryption in Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the encryption key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest by using server-side encryption with other key options. For more information, see Using Server-Side Encryption in the Amazon S3 User Guide.

  • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

    In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket.

    When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.

  • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

• :storage_class (String) —

  By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide.

  * Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

  • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.

• :website_redirect_location (String) —

  If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. For information about object metadata, see Object Key and Metadata in the Amazon S3 User Guide.

  In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket:

  x-amz-website-redirect-location: /anotherPage.html

  In the following example, the request header sets the object redirect to another website:

  x-amz-website-redirect-location: http://www.example.com/

  For more information about website hosting in Amazon S3, see Hosting Websites on Amazon S3 and How to Configure Website Page Redirects in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when encrypting the object (for example, AES256).

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  This functionality is not supported for directory buckets.

• :ssekms_key_id (String) —

  Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

  General purpose buckets - If you specify x-amz-server-side-encryption with aws:kms or aws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

  Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

• :ssekms_encryption_context (String) —

  Specifies the Amazon Web Services KMS Encryption Context as an additional encryption context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to Amazon Web Services KMS for future GetObject operations on this object.

  General purpose buckets - This value must be explicitly added during CopyObject operations if you want an additional encryption context for your object. For more information, see Encryption context in the Amazon S3 User Guide.

  Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

• :bucket_key_enabled (Boolean) —

  Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

  General purpose buckets - Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

  Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :tagging (String) —

  The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1")

  This functionality is not supported for directory buckets.

• :object_lock_mode (String) —

  The Object Lock mode that you want to apply to this object.

  This functionality is not supported for directory buckets.

• :object_lock_retain_until_date (Time, DateTime, Date, Integer, String) —

  The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter.

  This functionality is not supported for directory buckets.

• :object_lock_legal_hold_status (String) —

  Specifies whether a legal hold will be applied to this object. For more information about S3 Object Lock, see Object Lock in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:

• (Types::PutObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3076

def put(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.put_object(options)
  end
  resp.data
end

#replication_status ⇒ String

Amazon S3 can return this header if your request involves a bucket that is either a source or a destination in a replication rule.

In replication, you have a source bucket on which you configure replication and destination bucket or buckets where Amazon S3 stores object replicas. When you request an object (GetObject) or object metadata (HeadObject) from these buckets, Amazon S3 will return the x-amz-replication-status header in the response as follows:

• If requesting an object from the source bucket, Amazon S3 will return the x-amz-replication-status header if the object in your request is eligible for replication.

  For example, suppose that in your replication configuration, you specify object prefix TaxDocs requesting Amazon S3 to replicate objects with key prefix TaxDocs. Any objects you upload with this key name prefix, for example TaxDocs/document1.pdf, are eligible for replication. For any object request with this key name prefix, Amazon S3 will return the x-amz-replication-status header with value PENDING, COMPLETED or FAILED indicating object replication status.

• If requesting an object from a destination bucket, Amazon S3 will return the x-amz-replication-status header with value REPLICA if the object in your request is a replica that Amazon S3 created and there is no replica modification replication in progress.

• When replicating objects to multiple destination buckets, the x-amz-replication-status header acts differently. The header of the source object will only return a value of COMPLETED when replication is successful to all destinations. The header will remain at value PENDING until replication has completed for all destinations. If one or more destinations fails replication the header will return FAILED.

For more information, see Replication.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 466

def replication_status
  data[:replication_status]
end

#request_charged ⇒ String

If present, indicates that the requester was successfully charged for the request. For more information, see Using Requester Pays buckets for storage transfers and usage in the Amazon Simple Storage Service user guide.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 417

def request_charged
  data[:request_charged]
end

#restore ⇒ String

If the object is an archived object (an object whose storage class is GLACIER), the response includes this header if either the archive restoration is in progress (see RestoreObject or an archive copy is already restored.

If an archive copy is already restored, the header value indicates when Amazon S3 is scheduled to delete the object copy. For example:

x-amz-restore: ongoing-request="false", expiry-date="Fri, 21 Dec 2012 00:00:00 GMT"

If the object restoration is in progress, the header returns the value ongoing-request="true".

For more information about archiving objects, see Transitioning Objects: General Considerations.

This functionality is not supported for directory buckets. Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 112

def restore
  data[:restore]
end

#restore_object(options = {}) ⇒ Types::RestoreObjectOutput

Examples:

Request syntax with placeholder values

object.restore_object({
  version_id: "ObjectVersionId",
  restore_request: {
    days: 1,
    glacier_job_parameters: {
      tier: "Standard", # required, accepts Standard, Bulk, Expedited
    },
    type: "SELECT", # accepts SELECT
    tier: "Standard", # accepts Standard, Bulk, Expedited
    description: "Description",
    select_parameters: {
      input_serialization: { # required
        csv: {
          file_header_info: "USE", # accepts USE, IGNORE, NONE
          comments: "Comments",
          quote_escape_character: "QuoteEscapeCharacter",
          record_delimiter: "RecordDelimiter",
          field_delimiter: "FieldDelimiter",
          quote_character: "QuoteCharacter",
          allow_quoted_record_delimiter: false,
        },
        compression_type: "NONE", # accepts NONE, GZIP, BZIP2
        json: {
          type: "DOCUMENT", # accepts DOCUMENT, LINES
        },
        parquet: {
        },
      },
      expression_type: "SQL", # required, accepts SQL
      expression: "Expression", # required
      output_serialization: { # required
        csv: {
          quote_fields: "ALWAYS", # accepts ALWAYS, ASNEEDED
          quote_escape_character: "QuoteEscapeCharacter",
          record_delimiter: "RecordDelimiter",
          field_delimiter: "FieldDelimiter",
          quote_character: "QuoteCharacter",
        },
        json: {
          record_delimiter: "RecordDelimiter",
        },
      },
    },
    output_location: {
      s3: {
        bucket_name: "BucketName", # required
        prefix: "LocationPrefix", # required
        encryption: {
          encryption_type: "AES256", # required, accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
          kms_key_id: "SSEKMSKeyId",
          kms_context: "KMSContext",
        },
        canned_acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
        access_control_list: [
          {
            grantee: {
              display_name: "DisplayName",
              email_address: "EmailAddress",
              id: "ID",
              type: "CanonicalUser", # required, accepts CanonicalUser, AmazonCustomerByEmail, Group
              uri: "URI",
            },
            permission: "FULL_CONTROL", # accepts FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP
          },
        ],
        tagging: {
          tag_set: [ # required
            {
              key: "ObjectKey", # required
              value: "Value", # required
            },
          ],
        },
        user_metadata: [
          {
            name: "MetadataKey",
            value: "MetadataValue",
          },
        ],
        storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
      },
    },
  },
  request_payer: "requester", # accepts requester
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
  expected_bucket_owner: "AccountId",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :version_id (String) —

  VersionId used to reference a specific version of the object.

• :restore_request (Types::RestoreRequest) —

  Container for restore job parameters.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :checksum_algorithm (String) —

  Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request. For more information, see Checking object integrity in the Amazon S3 User Guide.

  If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm parameter.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:

• (Types::RestoreObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3217

def restore_object(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.restore_object(options)
  end
  resp.data
end

#server_side_encryption ⇒ String

The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx.

When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 334

def server_side_encryption
  data[:server_side_encryption]
end

#sse_customer_algorithm ⇒ String

If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 352

def sse_customer_algorithm
  data[:sse_customer_algorithm]
end

#sse_customer_key_md5 ⇒ String

If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 365

def sse_customer_key_md5
  data[:sse_customer_key_md5]
end

#ssekms_key_id ⇒ String

If present, indicates the ID of the KMS key that was used for object encryption.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 372

def ssekms_key_id
  data[:ssekms_key_id]
end

#storage_class ⇒ String

Provides storage class information of the object. Amazon S3 returns this header for all objects except for S3 Standard storage class objects.

For more information, see Storage Classes.

Directory buckets - Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 400

def storage_class
  data[:storage_class]
end

#tag_count ⇒ Integer

The number of tags, if any, on the object, when you have the relevant permission to read object tags.

You can use GetObjectTagging to retrieve the tag set associated with an object.

This functionality is not supported for directory buckets.

Returns:

• (Integer)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 492

def tag_count
  data[:tag_count]
end

#upload_file(source, options = {}) {|response| ... } ⇒ Boolean

Uploads a file from disk to the current object in S3.

# small files are uploaded in a single API call
obj.upload_file('/path/to/file')

Files larger than or equal to :multipart_threshold are uploaded using the Amazon S3 multipart upload APIs.

# large files are automatically split into parts
# and the parts are uploaded in parallel
obj.upload_file('/path/to/very_large_file')

The response of the S3 upload API is yielded if a block given.

# API response will have etag value of the file
obj.upload_file('/path/to/file') do |response|
  etag = response.etag
end

You can provide a callback to monitor progress of the upload:

# bytes and totals are each an array with 1 entry per part
progress = proc do |bytes, totals|
  puts bytes.map.with_index { |b, i| "Part #{i+1}: #{b} / #{totals[i]}"}.join(' ') + "Total: #{100.0 * bytes.sum / totals.sum }%"
end
obj.upload_file('/path/to/file', progress_callback: progress)

Parameters:

• source (String, Pathname, File, Tempfile) —

  A file on the local file system that will be uploaded as this object. This can either be a String or Pathname to the file, an open File object, or an open Tempfile object. If you pass an open File or Tempfile object, then you are responsible for closing it after the upload completes. When using an open Tempfile, rewind it before uploading or else the object will be empty.

• options (Hash) (defaults to: {}) —

  Additional options for Client#put_object when file sizes below the multipart threshold. For files larger than the multipart threshold, options for Client#create_multipart_upload, Client#complete_multipart_upload, and Client#upload_part can be provided.

Options Hash (options):

• :multipart_threshold (Integer) — default: 104857600 —

  Files larger han or equal to :multipart_threshold are uploaded using the S3 multipart APIs. Default threshold is 100MB.

• :thread_count (Integer) — default: 10 —

  The number of parallel multipart uploads. This option is not used if the file is smaller than :multipart_threshold.

• :progress_callback (Proc) —

  A Proc that will be called when each chunk of the upload is sent. It will be invoked with [bytes_read], [total_sizes]

Yields:

• (response)

Returns:

• (Boolean) —

  Returns true when the object is uploaded without any errors.

Raises:

• (MultipartUploadError) —

  If an object is being uploaded in parts, and the upload can not be completed, then the upload is aborted and this error is raised. The raised error has a #errors method that returns the failures that caused the upload to be aborted.

See Also:

• Client#put_object
• Client#create_multipart_upload
• Client#complete_multipart_upload
• Client#upload_part

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 459

def upload_file(source, options = {})
  upload_opts = options.merge(bucket: bucket_name, key: key)
  executor = DefaultExecutor.new(max_threads: upload_opts.delete(:thread_count))
  uploader = FileUploader.new(
    client: client,
    executor: executor,
    multipart_threshold: upload_opts.delete(:multipart_threshold)
  )
  response = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    uploader.upload(source, upload_opts)
  end
  yield response if block_given?
  executor.shutdown
  true
end

#upload_stream(options = {}, &block) ⇒ Boolean

Uploads a stream in a streaming fashion to the current object in S3.

Passed chunks automatically split into multipart upload parts and the parts are uploaded in parallel. This allows for streaming uploads that never touch the disk.

Note that this is known to have issues in JRuby until jruby-9.1.15.0, so avoid using this with older versions of JRuby.

Examples:

Streaming chunks of data

obj.upload_stream do |write_stream|
  10.times { write_stream << 'foo' }
end

Streaming chunks of data

obj.upload_stream do |write_stream|
  IO.copy_stream(IO.popen('ls'), write_stream)
end

Streaming chunks of data

obj.upload_stream do |write_stream|
  IO.copy_stream(STDIN, write_stream)
end

Parameters:

• options (Hash) (defaults to: {}) —

  Additional options for Client#create_multipart_upload, Client#complete_multipart_upload, and Client#upload_part can be provided.

Options Hash (options):

• :thread_count (Integer) — default: 10 —

  The number of parallel multipart uploads. An additional thread is used internally for task coordination.

• :tempfile (Boolean) — default: false —

  Normally read data is stored in memory when building the parts in order to complete the underlying multipart upload. By passing :tempfile => true data read will be temporarily stored on disk reducing the memory footprint vastly.

• :part_size (Integer) — default: 5242880 —

  Define how big each part size but the last should be. Default :part_size is 5 * 1024 * 1024.

Returns:

• (Boolean) —

  Returns true when the object is uploaded without any errors.

Raises:

• (MultipartUploadError) —

  If an object is being uploaded in parts, and the upload can not be completed, then the upload is aborted and this error is raised. The raised error has a #errors method that returns the failures that caused the upload to be aborted.

See Also:

• Client#create_multipart_upload
• Client#complete_multipart_upload
• Client#upload_part

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object.rb', line 385

def upload_stream(options = {}, &block)
  upload_opts = options.merge(bucket: bucket_name, key: key)
  executor = DefaultExecutor.new(max_threads: upload_opts.delete(:thread_count))
  uploader = MultipartStreamUploader.new(
    client: client,
    executor: executor,
    tempfile: upload_opts.delete(:tempfile),
    part_size: upload_opts.delete(:part_size)
  )
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    uploader.upload(upload_opts, &block)
  end
  executor.shutdown
  true
end

#version(id) ⇒ ObjectVersion

Parameters:

• id (String)

Returns:

• (ObjectVersion)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 3459

def version(id)
  ObjectVersion.new(
    bucket_name: @bucket_name,
    object_key: @key,
    id: id,
    client: @client
  )
end

#version_id ⇒ String

Version ID of the object.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 260

def version_id
  data[:version_id]
end

#wait_until(options = {}) {|resource| ... } ⇒ Resource

Deprecated.

Use [Aws::S3::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged.

Waiter polls an API operation until a resource enters a desired state.

Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

Example

instance.wait_until(max_attempts:10, delay:5) do |instance|
  instance.state.name == 'running'
end

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :max_attempts (Integer) — default: 10 —

  Maximum number of

• :delay (Integer) — default: 10 —

  Delay between each

• :before_attempt (Proc) — default: nil —

  Callback

• :before_wait (Proc) — default: nil —

  Callback

Yield Parameters:

• resource (Resource) —

  to be used in the waiting condition.

Returns:

• (Resource) —

  if the waiter was successful

Raises:

• (Aws::Waiters::Errors::FailureStateError) —

  Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

  yet successful.

• (Aws::Waiters::Errors::UnexpectedError) —

  Raised when an error is encountered while polling for a resource that is not expected.

• (NotImplementedError) —

  Raised when the resource does not

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 719

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    Aws::Waiters::Waiter.new(options).wait({})
  end
end

#wait_until_exists(options = {}, &block) ⇒ Object

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :max_attempts (Integer) — default: 20
• :delay (Float) — default: 5
• :before_attempt (Proc)
• :before_wait (Proc)

Returns:

• (Object)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 603

def wait_until_exists(options = {}, &block)
  options, params = separate_params_and_options(options)
  waiter = Waiters::ObjectExists.new(options)
  yield_waiter_and_warn(waiter, &block) if block_given?
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    waiter.wait(params.merge(bucket: @bucket_name,
    key: @key))
  end
  Object.new({
    bucket_name: @bucket_name,
    key: @key,
    client: @client
  })
end

#wait_until_not_exists(options = {}, &block) ⇒ Object

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :max_attempts (Integer) — default: 20
• :delay (Float) — default: 5
• :before_attempt (Proc)
• :before_wait (Proc)

Returns:

• (Object)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 624

def wait_until_not_exists(options = {}, &block)
  options, params = separate_params_and_options(options)
  waiter = Waiters::ObjectNotExists.new(options)
  yield_waiter_and_warn(waiter, &block) if block_given?
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    waiter.wait(params.merge(bucket: @bucket_name,
    key: @key))
  end
  Object.new({
    bucket_name: @bucket_name,
    key: @key,
    client: @client
  })
end

#website_redirect_location ⇒ String

If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

This functionality is not supported for directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object.rb', line 322

def website_redirect_location
  data[:website_redirect_location]
end