Class: Aws::S3::ObjectSummary

Inherits:

Object

• Object
• Aws::S3::ObjectSummary

Defined in:

gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb,
gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes

• #bucket_name ⇒ String
• #checksum_algorithm ⇒ Array<String>

  The algorithm that was used to create a checksum of the object.

• #checksum_type ⇒ String

  The checksum type that is used to calculate the object’s checksum value.

• #etag ⇒ String

  The entity tag is a hash of the object.

• #key ⇒ String
• #last_modified ⇒ Time

  Creation date of the object.

• #owner ⇒ Types::Owner

  The owner of the object.

• #restore_status ⇒ Types::RestoreStatus

  Specifies the restoration status of an object.

• #size ⇒ Integer (also: #content_length)

  Size in bytes of the object.

• #storage_class ⇒ String

  The class of storage used to store the object.

Actions

• #copy_from(source, options = {}) ⇒ Object
• #delete(options = {}) ⇒ Types::DeleteObjectOutput
• #get(options = {}, &block) ⇒ Types::GetObjectOutput
• #initiate_multipart_upload(options = {}) ⇒ MultipartUpload
• #put(options = {}) ⇒ Types::PutObjectOutput
• #restore_object(options = {}) ⇒ Types::RestoreObjectOutput

Associations

• #acl ⇒ ObjectAcl
• #bucket ⇒ Bucket
• #multipart_upload(id) ⇒ MultipartUpload
• #object ⇒ Object
• #version(id) ⇒ ObjectVersion

Instance Method Summary

• #client ⇒ Client
• #copy_to(target, options = {}) ⇒ Object
• #data ⇒ Types::Object

  Returns the data for this ObjectSummary.

• #data_loaded? ⇒ Boolean

  Returns true if this resource is loaded.

• #download_file(destination, options = {}) ⇒ Boolean

  Returns true when the file is downloaded without any errors.

• #exists?(options = {}) ⇒ Boolean

  Returns true if the ObjectSummary exists.

• #initialize(*args) ⇒ ObjectSummary constructor

  A new instance of ObjectSummary.

• #move_to(target, options = {}) ⇒ void
• #presigned_post(options = {}) ⇒ PresignedPost
• #presigned_url(http_method, params = {}) ⇒ String
• #public_url(options = {}) ⇒ String
• #upload_file(source, options = {}) ⇒ Boolean

  Returns true when the object is uploaded without any errors.

• #upload_stream(options = {}, &block) ⇒ Boolean

  Returns true when the object is uploaded without any errors.

• #wait_until(options = {}) {|resource| ... } ⇒ Resource deprecated Deprecated.

  Use [Aws::S3::Client] #wait_until instead

• #wait_until_exists(options = {}, &block) ⇒ ObjectSummary
• #wait_until_not_exists(options = {}, &block) ⇒ ObjectSummary

Constructor Details

#initialize(bucket_name, key, options = {}) ⇒ ObjectSummary #initialize(options = {}) ⇒ ObjectSummary

Returns a new instance of ObjectSummary.

Overloads:

• #initialize(bucket_name, key, options = {}) ⇒ ObjectSummary

  Parameters:

  • bucket_name (String)
  • key (String)

  Options Hash (options):

  • :client (Client)
• #initialize(options = {}) ⇒ ObjectSummary

  Options Hash (options):

  • :bucket_name (required, String)
  • :key (required, String)
  • :client (Client)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 24

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @bucket_name = extract_bucket_name(args, options)
  @key = extract_key(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
  @waiter_block_warned = false
end

Instance Method Details

#acl ⇒ ObjectAcl

Returns:

• (ObjectAcl)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2799

def acl
  ObjectAcl.new(
    bucket_name: @bucket_name,
    object_key: @key,
    client: @client
  )
end

#bucket ⇒ Bucket

Returns:

• (Bucket)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2808

def bucket
  Bucket.new(
    name: @bucket_name,
    client: @client
  )
end

#bucket_name ⇒ String

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 36

def bucket_name
  @bucket_name
end

#checksum_algorithm ⇒ Array<String>

The algorithm that was used to create a checksum of the object.

Returns:

• (Array<String>)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 83

def checksum_algorithm
  data[:checksum_algorithm]
end

#checksum_type ⇒ String

The checksum type that is used to calculate the object’s checksum value. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 95

def checksum_type
  data[:checksum_type]
end

#client ⇒ Client

Returns:

• (Client)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 153

def client
  @client
end

#copy_from(source, options = {}) ⇒ Object

Parameters:

• source (S3::Object, S3::ObjectVersion, S3::ObjectSummary, String, Hash) —

  Where to copy object data from. source must be one of the following:

  • Aws::S3::Object
  • Aws::S3::ObjectSummary
  • Aws::S3::ObjectVersion
  • Hash - with :bucket and :key and optional :version_id
  • String - formatted like "source-bucket-name/uri-escaped-key" or "source-bucket-name/uri-escaped-key?versionId=version-id"
• options (Hash) (defaults to: {}) —

  a customizable set of options

See Also:

• Aws::S3::Object#copy_from

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 1066

def copy_from(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.copy_object(options)
  end
  resp.data
end

#copy_to(target, options = {}) ⇒ Object

Parameters:

• target (S3::Object, String, Hash) —

  Where to copy the object data to. target must be one of the following:

  • Aws::S3::Object
  • Hash - with :bucket and :key
  • String - formatted like "target-bucket-name/target-key"

See Also:

• Aws::S3::Object#copy_to

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 24

def copy_to(target, options = {})
  object.copy_to(target, options)
end

#data ⇒ Types::Object

Returns the data for this Aws::S3::ObjectSummary.

Returns:

• (Types::Object) —

  Returns the data for this Aws::S3::ObjectSummary.

Raises:

• (NotImplementedError) —

  Raises when #data_loaded? is false.

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 168

def data
  load unless @data
  @data
end

#data_loaded? ⇒ Boolean

Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

• (Boolean) —

  Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 176

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ Types::DeleteObjectOutput

Examples:

Request syntax with placeholder values

object_summary.delete({
  mfa: "MFA",
  version_id: "ObjectVersionId",
  request_payer: "requester", # accepts requester
  bypass_governance_retention: false,
  expected_bucket_owner: "AccountId",
  if_match: "IfMatch",
  if_match_last_modified_time: Time.now,
  if_match_size: 1,
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :mfa (String) —

  The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled.

  This functionality is not supported for directory buckets.

• :version_id (String) —

  Version ID used to reference a specific version of the object.

  For directory buckets in this API operation, only the null value of the version ID is supported.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :bypass_governance_retention (Boolean) —

  Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have the s3:BypassGovernanceRetention permission.

  This functionality is not supported for directory buckets.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :if_match (String) —

  The If-Match header field makes the request method conditional on ETags. If the ETag value does not match, the operation returns a 412 Precondition Failed error. If the ETag matches or if the object doesn't exist, the operation will return a 204 Success (No Content) response.

  For more information about conditional requests, see RFC 7232.

  This functionality is only supported for directory buckets.

• :if_match_last_modified_time (Time, DateTime, Date, Integer, String) —

  If present, the object is deleted only if its modification times matches the provided Timestamp. If the Timestamp values do not match, the operation returns a 412 Precondition Failed error. If the Timestamp matches or if the object doesn’t exist, the operation returns a 204 Success (No Content) response.

  This functionality is only supported for directory buckets.

• :if_match_size (Integer) —

  If present, the object is deleted only if its size matches the provided size in bytes. If the Size value does not match, the operation returns a 412 Precondition Failed error. If the Size matches or if the object doesn’t exist, the operation returns a 204 Success (No Content) response.

  This functionality is only supported for directory buckets.

  You can use the If-Match, x-amz-if-match-last-modified-time and x-amz-if-match-size conditional headers in conjunction with each-other or individually.

Returns:

• (Types::DeleteObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 1175

def delete(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.delete_object(options)
  end
  resp.data
end

#download_file(destination, options = {}) ⇒ Boolean

Returns true when the file is downloaded without any errors.

Parameters:

• destination (String, Pathname, File, Tempfile) —

  Where to download the file to. This can either be a String or Pathname to the file, an open File object, or an open Tempfile object. If you pass an open File or Tempfile object, then you are responsible for closing it after the download completes.

• options (Hash) (defaults to: {}) —

  Additional options for Client#get_object and #Client#head_object may be provided.

Returns:

• (Boolean) —

  Returns true when the file is downloaded without any errors.

See Also:

• Aws::S3::Object#download_file

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 79

def download_file(destination, options = {})
  object.download_file(destination, options)
end

#etag ⇒ String

The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object, not its metadata. The ETag may or may not be an MD5 digest of the object data. Whether or not it is depends on how the object was created and how it is encrypted as described below:

• Objects created by the PUT Object, POST Object, or Copy operation, or through the Amazon Web Services Management Console, and are encrypted by SSE-S3 or plaintext, have ETags that are an MD5 digest of their object data.

• Objects created by the PUT Object, POST Object, or Copy operation, or through the Amazon Web Services Management Console, and are encrypted by SSE-C or SSE-KMS, have ETags that are not an MD5 digest of their object data.

• If an object is created by either the Multipart Upload or Part Copy operation, the ETag is not an MD5 digest, regardless of the method of encryption. If an object is larger than 16 MB, the Amazon Web Services Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag will not be an MD5 digest.

Directory buckets - MD5 is not supported by directory buckets.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 77

def etag
  data[:etag]
end

#exists?(options = {}) ⇒ Boolean

Returns true if the ObjectSummary exists.

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (Boolean) —

  Returns true if the ObjectSummary exists.

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 183

def exists?(options = {})
  begin
    wait_until_exists(options.merge(max_attempts: 1))
    true
  rescue Aws::Waiters::Errors::UnexpectedError => e
    raise e.error
  rescue Aws::Waiters::Errors::WaiterFailed
    false
  end
end

#get(options = {}, &block) ⇒ Types::GetObjectOutput

Examples:

Request syntax with placeholder values

object_summary.get({
  if_match: "IfMatch",
  if_modified_since: Time.now,
  if_none_match: "IfNoneMatch",
  if_unmodified_since: Time.now,
  range: "Range",
  response_cache_control: "ResponseCacheControl",
  response_content_disposition: "ResponseContentDisposition",
  response_content_encoding: "ResponseContentEncoding",
  response_content_language: "ResponseContentLanguage",
  response_content_type: "ResponseContentType",
  response_expires: Time.now,
  version_id: "ObjectVersionId",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  request_payer: "requester", # accepts requester
  part_number: 1,
  expected_bucket_owner: "AccountId",
  checksum_mode: "ENABLED", # accepts ENABLED
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :if_match (String) —

  Return the object only if its entity tag (ETag) is the same as the one specified in this header; otherwise, return a 412 Precondition Failed error.

  If both of the If-Match and If-Unmodified-Since headers are present in the request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since condition evaluates to false; then, S3 returns 200 OK and the data requested.

  For more information about conditional requests, see RFC 7232.

• :if_modified_since (Time, DateTime, Date, Integer, String) —

  Return the object only if it has been modified since the specified time; otherwise, return a 304 Not Modified error.

  If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since condition evaluates to true; then, S3 returns 304 Not Modified status code.

  For more information about conditional requests, see RFC 7232.

• :if_none_match (String) —

  Return the object only if its entity tag (ETag) is different from the one specified in this header; otherwise, return a 304 Not Modified error.

  If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since condition evaluates to true; then, S3 returns 304 Not Modified HTTP status code.

  For more information about conditional requests, see RFC 7232.

• :if_unmodified_since (Time, DateTime, Date, Integer, String) —

  Return the object only if it has not been modified since the specified time; otherwise, return a 412 Precondition Failed error.

  If both of the If-Match and If-Unmodified-Since headers are present in the request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since condition evaluates to false; then, S3 returns 200 OK and the data requested.

  For more information about conditional requests, see RFC 7232.

• :range (String) —

  Downloads the specified byte range of an object. For more information about the HTTP Range header, see https://www.rfc-editor.org/rfc/rfc9110.html#name-range.

  Amazon S3 doesn't support retrieving multiple ranges of data per GET request.

• :response_cache_control (String) —

  Sets the Cache-Control header of the response.

• :response_content_disposition (String) —

  Sets the Content-Disposition header of the response.

• :response_content_encoding (String) —

  Sets the Content-Encoding header of the response.

• :response_content_language (String) —

  Sets the Content-Language header of the response.

• :response_content_type (String) —

  Sets the Content-Type header of the response.

• :response_expires (Time, DateTime, Date, Integer, String) —

  Sets the Expires header of the response.

• :version_id (String) —

  Version ID used to reference a specific version of the object.

  By default, the GetObject operation returns the current version of an object. To return a different version, use the versionId subresource.

  * If you include a versionId in your request header, you must have the s3:GetObjectVersion permission to access a specific version of an object. The s3:GetObject permission is not required in this scenario.

  • If you request the current version of an object without a specific versionId in the request header, only the s3:GetObject permission is required. The s3:GetObjectVersion permission is not required in this scenario.

  • Directory buckets - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null to the versionId query parameter in the request.

  For more information about versioning, see PutBucketVersioning.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when decrypting the object (for example, AES256).

  If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

  • x-amz-server-side-encryption-customer-algorithm

  • x-amz-server-side-encryption-customer-key

  • x-amz-server-side-encryption-customer-key-MD5

  For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key that you originally provided for Amazon S3 to encrypt the data before storing it. This value is used to decrypt the object when recovering it and must match the one used when storing the data. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

  • x-amz-server-side-encryption-customer-algorithm

  • x-amz-server-side-encryption-customer-key

  • x-amz-server-side-encryption-customer-key-MD5

  For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

  • x-amz-server-side-encryption-customer-algorithm

  • x-amz-server-side-encryption-customer-key

  • x-amz-server-side-encryption-customer-key-MD5

  For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :part_number (Integer) —

  Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :checksum_mode (String) —

  To retrieve the checksum, this mode must be enabled.

Returns:

• (Types::GetObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 1431

def get(options = {}, &block)
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.get_object(options, &block)
  end
  resp.data
end

#initiate_multipart_upload(options = {}) ⇒ MultipartUpload

Examples:

Request syntax with placeholder values

multipartupload = object_summary.initiate_multipart_upload({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  cache_control: "CacheControl",
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_type: "ContentType",
  expires: Time.now,
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
  checksum_type: "COMPOSITE", # accepts COMPOSITE, FULL_OBJECT
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :acl (String) —

  The canned ACL to apply to the object. Amazon S3 supports a set of predefined ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and permissions. For more information, see Canned ACL in the Amazon S3 User Guide.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can grant access permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the access control list (ACL) on the new object. For more information, see Using ACLs. One way to grant the permissions using the request headers is to specify a canned ACL with the x-amz-acl request header.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :cache_control (String) —

  Specifies caching behavior along the request/reply chain.

• :content_disposition (String) —

  Specifies presentational information for the object.

• :content_encoding (String) —

  Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

  For directory buckets, only the aws-chunked value is supported in this header field.

• :content_language (String) —

  The language that the content is in.

• :content_type (String) —

  A standard MIME type describing the format of the object data.

• :expires (Time, DateTime, Date, Integer, String) —

  The date and time at which the object is no longer cacheable.

• :grant_full_control (String) —

  Specify access permissions explicitly to give the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read (String) —

  Specify access permissions explicitly to allow grantee to read the object data and its metadata.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read_acp (String) —

  Specify access permissions explicitly to allows grantee to read the object ACL.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_write_acp (String) —

  Specify access permissions explicitly to allows grantee to allow grantee to write the ACL for the applicable object.

  By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

  You specify each grantee as a type=value pair, where the type is one of the following:

  • id – if the value specified is the canonical user ID of an Amazon Web Services account

  • uri – if you are granting permissions to a predefined group

  • emailAddress – if the value specified is the email address of an Amazon Web Services account

    Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

  For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

  x-amz-grant-read: id="11112222333", id="444455556666"

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :metadata (Hash<String,String>) —

  A map of metadata to store with the object in S3.

• :server_side_encryption (String) —

  The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx.

  • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

    In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket.

    When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.

  • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

• :storage_class (String) —

  By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide.

  * Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

  • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.

• :website_redirect_location (String) —

  If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

  This functionality is not supported for directory buckets.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when encrypting the object (for example, AES256).

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  This functionality is not supported for directory buckets.

• :ssekms_key_id (String) —

  Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

  General purpose buckets - If you specify x-amz-server-side-encryption with aws:kms or aws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

  Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

• :ssekms_encryption_context (String) —

  Specifies the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs.

  Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

• :bucket_key_enabled (Boolean) —

  Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

  General purpose buckets - Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

  Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :tagging (String) —

  The tag-set for the object. The tag-set must be encoded as URL Query parameters.

  This functionality is not supported for directory buckets.

• :object_lock_mode (String) —

  Specifies the Object Lock mode that you want to apply to the uploaded object.

  This functionality is not supported for directory buckets.

• :object_lock_retain_until_date (Time, DateTime, Date, Integer, String) —

  Specifies the date and time when you want the Object Lock to expire.

  This functionality is not supported for directory buckets.

• :object_lock_legal_hold_status (String) —

  Specifies whether you want to apply a legal hold to the uploaded object.

  This functionality is not supported for directory buckets.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

• :checksum_algorithm (String) —

  Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_type (String) —

  Indicates the checksum type that you want Amazon S3 to use to calculate the object’s checksum value. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

• (MultipartUpload)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2015

def initiate_multipart_upload(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.create_multipart_upload(options)
  end
  MultipartUpload.new(
    bucket_name: @bucket_name,
    object_key: @key,
    id: resp.data.upload_id,
    client: @client
  )
end

#key ⇒ String

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 41

def key
  @key
end

#last_modified ⇒ Time

Creation date of the object.

Returns:

• (Time)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 47

def last_modified
  data[:last_modified]
end

#move_to(target, options = {}) ⇒ void

This method returns an undefined value.

Parameters:

• target (S3::Object, String, Hash) —

  Where to copy the object data to. target must be one of the following:

  • Aws::S3::Object
  • Hash - with :bucket and :key
  • String - formatted like "target-bucket-name/target-key"

See Also:

• Aws::S3::Object#move_to

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 32

def move_to(target, options = {})
  object.move_to(target, options)
end

#multipart_upload(id) ⇒ MultipartUpload

Parameters:

• id (String)

Returns:

• (MultipartUpload)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2817

def multipart_upload(id)
  MultipartUpload.new(
    bucket_name: @bucket_name,
    object_key: @key,
    id: id,
    client: @client
  )
end

#object ⇒ Object

Returns:

• (Object)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2827

def object
  Object.new(
    bucket_name: @bucket_name,
    key: @key,
    client: @client
  )
end

#owner ⇒ Types::Owner

The owner of the object

Directory buckets - The bucket owner is returned as the object owner.

Returns:

• (Types::Owner)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 125

def owner
  data[:owner]
end

#presigned_post(options = {}) ⇒ PresignedPost

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Returns:

• (PresignedPost)

See Also:

• Aws::S3::Object#presigned_post

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 40

def presigned_post(options = {})
  object.presigned_post(options)
end

#presigned_url(http_method, params = {}) ⇒ String

Parameters:

• method (Symbol) —

  The S3 operation to generate a presigned URL for. Valid values are :get, :put, :head, :delete, :create_multipart_upload, :list_multipart_uploads, :complete_multipart_upload, :abort_multipart_upload, :list_parts, and :upload_part.

• params (Hash) (defaults to: {}) —

  Additional request parameters to use when generating the pre-signed URL. See the related documentation in Client for accepted params.

  Method	Client Method
  :get	Client#get_object
  :put	Client#put_object
  :head	Client#head_object
  :delete	Client#delete_object
  :create_multipart_upload	Client#create_multipart_upload
  :list_multipart_uploads	Client#list_multipart_uploads
  :complete_multipart_upload	Client#complete_multipart_upload
  :abort_multipart_upload	Client#abort_multipart_upload
  :list_parts	Client#list_parts
  :upload_part	Client#upload_part

Returns:

• (String)

See Also:

• Aws::S3::Object#presigned_url

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 48

def presigned_url(http_method, params = {})
  object.presigned_url(http_method, params)
end

#public_url(options = {}) ⇒ String

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Returns:

• (String)

See Also:

• Aws::S3::Object#public_url

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 56

def public_url(options = {})
  object.public_url(options)
end

#put(options = {}) ⇒ Types::PutObjectOutput

Examples:

Request syntax with placeholder values

object_summary.put({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  body: source_file,
  cache_control: "CacheControl",
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_length: 1,
  content_md5: "ContentMD5",
  content_type: "ContentType",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
  checksum_crc32: "ChecksumCRC32",
  checksum_crc32c: "ChecksumCRC32C",
  checksum_crc64nvme: "ChecksumCRC64NVME",
  checksum_sha1: "ChecksumSHA1",
  checksum_sha256: "ChecksumSHA256",
  expires: Time.now,
  if_match: "IfMatch",
  if_none_match: "IfNoneMatch",
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  write_offset_bytes: 1,
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :acl (String) —

  The canned ACL to apply to the object. For more information, see Canned ACL in the Amazon S3 User Guide.

  When adding a new object, you can use headers to grant ACL-based permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the ACL on the object. By default, all objects are private. Only the owner has full access control. For more information, see Access Control List (ACL) Overview and Managing ACLs Using the REST API in the Amazon S3 User Guide.

  If the bucket that you're uploading objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept PUT requests that don't specify an ACL or PUT requests that specify bucket owner full control ACLs, such as the bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that contain other ACLs (for example, custom grants to certain Amazon Web Services accounts) fail and return a 400 error with the error code AccessControlListNotSupported. For more information, see Controlling ownership of objects and disabling ACLs in the Amazon S3 User Guide.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :body (String, StringIO, File) —

  Object data.

• :cache_control (String) —

  Can be used to specify caching behavior along the request/reply chain. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.

• :content_disposition (String) —

  Specifies presentational information for the object. For more information, see https://www.rfc-editor.org/rfc/rfc6266#section-4.

• :content_encoding (String) —

  Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding.

• :content_language (String) —

  The language the content is in.

• :content_length (Integer) —

  Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length.

• :content_md5 (String) —

  The Base64 encoded 128-bit MD5 digest of the message (without the headers) according to RFC 1864. This header can be used as a message integrity check to verify that the data is the same data that was originally sent. Although it is optional, we recommend using the Content-MD5 mechanism as an end-to-end integrity check. For more information about REST request authentication, see REST Authentication.

  The Content-MD5 or x-amz-sdk-checksum-algorithm header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see Uploading objects to an Object Lock enabled bucket in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :content_type (String) —

  A standard MIME type describing the format of the contents. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type.

• :checksum_algorithm (String) —

  Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request.

  For the x-amz-checksum-algorithm header, replace algorithm with the supported algorithm from the following list:

  • CRC32

  • CRC32C

  • CRC64NVME

  • SHA1

  • SHA256

  For more information, see Checking object integrity in the Amazon S3 User Guide.

  If the individual checksum value you provide through x-amz-checksum-algorithm doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, Amazon S3 fails the request with a BadDigest error.

  The Content-MD5 or x-amz-sdk-checksum-algorithm header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see Uploading objects to an Object Lock enabled bucket in the Amazon S3 User Guide.

  For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the default checksum algorithm that's used for performance.

• :checksum_crc32 (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit CRC32 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_crc32c (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit CRC32C checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_crc64nvme (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit CRC64NVME checksum of the object. The CRC64NVME checksum is always a full object checksum. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_sha1 (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit SHA1 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :checksum_sha256 (String) —

  This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit SHA256 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

• :expires (Time, DateTime, Date, Integer, String) —

  The date and time at which the object is no longer cacheable. For more information, see https://www.rfc-editor.org/rfc/rfc7234#section-5.3.

• :if_match (String) —

  Uploads the object only if the ETag (entity tag) value provided during the WRITE operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a 412 Precondition Failed error.

  If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should fetch the object's ETag and retry the upload.

  Expects the ETag value as a string.

  For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

• :if_none_match (String) —

  Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a 412 Precondition Failed error.

  If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should retry the upload.

  Expects the '*' (asterisk) character.

  For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

• :grant_full_control (String) —

  Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read (String) —

  Allows grantee to read the object data and its metadata.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_read_acp (String) —

  Allows grantee to read the object ACL.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :grant_write_acp (String) —

  Allows grantee to write the ACL for the applicable object.

  * This functionality is not supported for directory buckets.

  • This functionality is not supported for Amazon S3 on Outposts.

• :write_offset_bytes (Integer) —

  Specifies the offset for appending data to existing objects in bytes. The offset must be equal to the size of the existing object being appended to. If no object exists, setting this header to 0 will create a new object.

  This functionality is only supported for objects in the Amazon S3 Express One Zone storage class in directory buckets.

• :metadata (Hash<String,String>) —

  A map of metadata to store with the object in S3.

• :server_side_encryption (String) —

  The server-side encryption algorithm that was used when you store this object in Amazon S3 or Amazon FSx.

  • General purpose buckets - You have four mutually exclusive options to protect data using server-side encryption in Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the encryption key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest by using server-side encryption with other key options. For more information, see Using Server-Side Encryption in the Amazon S3 User Guide.

  • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

    In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket.

    When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.

  • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

• :storage_class (String) —

  By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide.

  * Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

  • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.

• :website_redirect_location (String) —

  If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. For information about object metadata, see Object Key and Metadata in the Amazon S3 User Guide.

  In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket:

  x-amz-website-redirect-location: /anotherPage.html

  In the following example, the request header sets the object redirect to another website:

  x-amz-website-redirect-location: http://www.example.com/

  For more information about website hosting in Amazon S3, see Hosting Websites on Amazon S3 and How to Configure Website Page Redirects in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :sse_customer_algorithm (String) —

  Specifies the algorithm to use when encrypting the object (for example, AES256).

  This functionality is not supported for directory buckets.

• :sse_customer_key (String) —

  Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

  This functionality is not supported for directory buckets.

• :sse_customer_key_md5 (String) —

  Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

  This functionality is not supported for directory buckets.

• :ssekms_key_id (String) —

  Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

  General purpose buckets - If you specify x-amz-server-side-encryption with aws:kms or aws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

  Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

• :ssekms_encryption_context (String) —

  Specifies the Amazon Web Services KMS Encryption Context as an additional encryption context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to Amazon Web Services KMS for future GetObject operations on this object.

  General purpose buckets - This value must be explicitly added during CopyObject operations if you want an additional encryption context for your object. For more information, see Encryption context in the Amazon S3 User Guide.

  Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

• :bucket_key_enabled (Boolean) —

  Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

  General purpose buckets - Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

  Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :tagging (String) —

  The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1")

  This functionality is not supported for directory buckets.

• :object_lock_mode (String) —

  The Object Lock mode that you want to apply to this object.

  This functionality is not supported for directory buckets.

• :object_lock_retain_until_date (Time, DateTime, Date, Integer, String) —

  The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter.

  This functionality is not supported for directory buckets.

• :object_lock_legal_hold_status (String) —

  Specifies whether a legal hold will be applied to this object. For more information about S3 Object Lock, see Object Lock in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:

• (Types::PutObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2644

def put(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.put_object(options)
  end
  resp.data
end

#restore_object(options = {}) ⇒ Types::RestoreObjectOutput

Examples:

Request syntax with placeholder values

object_summary.restore_object({
  version_id: "ObjectVersionId",
  restore_request: {
    days: 1,
    glacier_job_parameters: {
      tier: "Standard", # required, accepts Standard, Bulk, Expedited
    },
    type: "SELECT", # accepts SELECT
    tier: "Standard", # accepts Standard, Bulk, Expedited
    description: "Description",
    select_parameters: {
      input_serialization: { # required
        csv: {
          file_header_info: "USE", # accepts USE, IGNORE, NONE
          comments: "Comments",
          quote_escape_character: "QuoteEscapeCharacter",
          record_delimiter: "RecordDelimiter",
          field_delimiter: "FieldDelimiter",
          quote_character: "QuoteCharacter",
          allow_quoted_record_delimiter: false,
        },
        compression_type: "NONE", # accepts NONE, GZIP, BZIP2
        json: {
          type: "DOCUMENT", # accepts DOCUMENT, LINES
        },
        parquet: {
        },
      },
      expression_type: "SQL", # required, accepts SQL
      expression: "Expression", # required
      output_serialization: { # required
        csv: {
          quote_fields: "ALWAYS", # accepts ALWAYS, ASNEEDED
          quote_escape_character: "QuoteEscapeCharacter",
          record_delimiter: "RecordDelimiter",
          field_delimiter: "FieldDelimiter",
          quote_character: "QuoteCharacter",
        },
        json: {
          record_delimiter: "RecordDelimiter",
        },
      },
    },
    output_location: {
      s3: {
        bucket_name: "BucketName", # required
        prefix: "LocationPrefix", # required
        encryption: {
          encryption_type: "AES256", # required, accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
          kms_key_id: "SSEKMSKeyId",
          kms_context: "KMSContext",
        },
        canned_acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
        access_control_list: [
          {
            grantee: {
              display_name: "DisplayName",
              email_address: "EmailAddress",
              id: "ID",
              type: "CanonicalUser", # required, accepts CanonicalUser, AmazonCustomerByEmail, Group
              uri: "URI",
            },
            permission: "FULL_CONTROL", # accepts FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP
          },
        ],
        tagging: {
          tag_set: [ # required
            {
              key: "ObjectKey", # required
              value: "Value", # required
            },
          ],
        },
        user_metadata: [
          {
            name: "MetadataKey",
            value: "MetadataValue",
          },
        ],
        storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
      },
    },
  },
  request_payer: "requester", # accepts requester
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
  expected_bucket_owner: "AccountId",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :version_id (String) —

  VersionId used to reference a specific version of the object.

• :restore_request (Types::RestoreRequest) —

  Container for restore job parameters.

• :request_payer (String) —

  Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

  This functionality is not supported for directory buckets.

• :checksum_algorithm (String) —

  Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request. For more information, see Checking object integrity in the Amazon S3 User Guide.

  If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm parameter.

• :expected_bucket_owner (String) —

  The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:

• (Types::RestoreObjectOutput)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2785

def restore_object(options = {})
  options = options.merge(
    bucket: @bucket_name,
    key: @key
  )
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.restore_object(options)
  end
  resp.data
end

#restore_status ⇒ Types::RestoreStatus

Specifies the restoration status of an object. Objects in certain storage classes must be restored before they can be retrieved. For more information about these storage classes and how to work with archived objects, see Working with archived objects in the Amazon S3 User Guide.

This functionality is not supported for directory buckets. Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

Returns:

• (Types::RestoreStatus)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 146

def restore_status
  data[:restore_status]
end

#size ⇒ Integer Also known as: content_length

Size in bytes of the object

Returns:

• (Integer)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 101

def size
  data[:size]
end

#storage_class ⇒ String

The class of storage used to store the object.

Directory buckets - Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 114

def storage_class
  data[:storage_class]
end

#upload_file(source, options = {}) ⇒ Boolean

Returns true when the object is uploaded without any errors.

Parameters:

• source (String, Pathname, File, Tempfile) —

  A file on the local file system that will be uploaded as this object. This can either be a String or Pathname to the file, an open File object, or an open Tempfile object. If you pass an open File or Tempfile object, then you are responsible for closing it after the upload completes. When using an open Tempfile, rewind it before uploading or else the object will be empty.

• options (Hash) (defaults to: {}) —

  Additional options for Client#put_object when file sizes below the multipart threshold. For files larger than the multipart threshold, options for Client#create_multipart_upload, Client#complete_multipart_upload, and Client#upload_part can be provided.

Returns:

• (Boolean) —

  Returns true when the object is uploaded without any errors.

See Also:

• Aws::S3::Object#upload_file

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 64

def upload_file(source, options = {})
  object.upload_file(source, options)
end

#upload_stream(options = {}, &block) ⇒ Boolean

Returns true when the object is uploaded without any errors.

Returns:

• (Boolean) —

  Returns true when the object is uploaded without any errors.

See Also:

• Aws::S3::Object#upload_stream

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/customizations/object_summary.rb', line 71

def upload_stream(options = {}, &block)
  object.upload_stream(options, &block)
end

#version(id) ⇒ ObjectVersion

Parameters:

• id (String)

Returns:

• (ObjectVersion)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 2837

def version(id)
  ObjectVersion.new(
    bucket_name: @bucket_name,
    object_key: @key,
    id: id,
    client: @client
  )
end

#wait_until(options = {}) {|resource| ... } ⇒ Resource

Deprecated.

Use [Aws::S3::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged.

Waiter polls an API operation until a resource enters a desired state.

Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

Example

instance.wait_until(max_attempts:10, delay:5) do |instance|
  instance.state.name == 'running'
end

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :max_attempts (Integer) — default: 10 —

  Maximum number of

• :delay (Integer) — default: 10 —

  Delay between each

• :before_attempt (Proc) — default: nil —

  Callback

• :before_wait (Proc) — default: nil —

  Callback

Yield Parameters:

• resource (Resource) —

  to be used in the waiting condition.

Returns:

• (Resource) —

  if the waiter was successful

Raises:

• (Aws::Waiters::Errors::FailureStateError) —

  Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

  yet successful.

• (Aws::Waiters::Errors::UnexpectedError) —

  Raised when an error is encountered while polling for a resource that is not expected.

• (NotImplementedError) —

  Raised when the resource does not

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 316

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    Aws::Waiters::Waiter.new(options).wait({})
  end
end

#wait_until_exists(options = {}, &block) ⇒ ObjectSummary

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :max_attempts (Integer) — default: 20
• :delay (Float) — default: 5
• :before_attempt (Proc)
• :before_wait (Proc)

Returns:

• (ObjectSummary)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 200

def wait_until_exists(options = {}, &block)
  options, params = separate_params_and_options(options)
  waiter = Waiters::ObjectExists.new(options)
  yield_waiter_and_warn(waiter, &block) if block_given?
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    waiter.wait(params.merge(bucket: @bucket_name,
    key: @key))
  end
  ObjectSummary.new({
    bucket_name: @bucket_name,
    key: @key,
    client: @client
  })
end

#wait_until_not_exists(options = {}, &block) ⇒ ObjectSummary

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :max_attempts (Integer) — default: 20
• :delay (Float) — default: 5
• :before_attempt (Proc)
• :before_wait (Proc)

Returns:

• (ObjectSummary)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/object_summary.rb', line 221

def wait_until_not_exists(options = {}, &block)
  options, params = separate_params_and_options(options)
  waiter = Waiters::ObjectNotExists.new(options)
  yield_waiter_and_warn(waiter, &block) if block_given?
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    waiter.wait(params.merge(bucket: @bucket_name,
    key: @key))
  end
  ObjectSummary.new({
    bucket_name: @bucket_name,
    key: @key,
    client: @client
  })
end