var s3 = new AWS.S3({apiVersion: '2006-03-01'});

Options Hash (options):

• params(map) —

  An optional map of parameters to bind to everyrequest sent by this service object. For more information on bound parameters,see"Working with Services" in the Getting Started Guide.

• endpoint(String|AWS.Endpoint) —

  The endpoint URI to send requeststo. The default endpoint is built from the configuredregion.The endpoint should be a string like'https://{service}.{region}.amazonaws.com' or anEndpoint object.

• useDualstack(Boolean) —

  Enables IPv6/IPv4 dualstack endpoint.When a DNS lookup is performed on an endpoint of this type, it returns an “A” record withan IPv4 address and an “AAAA” record with an IPv6 address. In most cases the network stackin the client environment will automatically prefer the AAAA record and make a connectionusing the IPv6 address. Note, however, that currently on Windows, the IPv4 address will bepreferred.

• accessKeyId(String) —

  your AWS access key ID.

• secretAccessKey(String) —

  your AWS secret access key.

• sessionToken(AWS.Credentials) —

  the optional AWSsession token to sign requests with.

• credentials(AWS.Credentials) —

  the AWS credentialsto sign requests with. You can either specify this object, orspecify the accessKeyId and secretAccessKey options directly.

• credentialProvider(AWS.CredentialProviderChain) —

  theprovider chain used to resolve credentials if no staticcredentialsproperty is set.

• region(String) —

  the region to send service requests to.See AWS.S3.region for more information.

• maxRetries(Integer) —

  the maximum amount of retries toattempt with a request. See AWS.S3.maxRetries for more information.

• maxRedirects(Integer) —

  the maximum amount of redirects tofollow with a request. See AWS.S3.maxRedirects for more information.

• sslEnabled(Boolean) —

  whether to enable SSL forrequests.

• paramValidation(Boolean|map) —

  whether input parametersshould be validated against the operation description before sendingthe request. Defaults to true. Pass a map to enable any of thefollowing specific validation features:

  • min [Boolean] — Validates that a value meets the minconstraint. This is enabled by default when paramValidation is settotrue.
  • max [Boolean] — Validates that a value meets the maxconstraint.
  • pattern [Boolean] — Validates that a string value matches aregular expression.
  • enum [Boolean] — Validates that a string value matches oneof the allowable enum values.
• computeChecksums(Boolean) —

  whether to compute checksumsfor payload bodies when the service accepts it (currently supportedin S3 only)

• convertResponseTypes(Boolean) —

  whether types are convertedwhen parsing response data. Currently only supported for JSON basedservices. Turning this off may improve performance on large responsepayloads. Defaults totrue.

• correctClockSkew(Boolean) —

  whether to apply a clock skewcorrection and retry requests that fail because of an skewed clientclock. Defaults tofalse.

• s3ForcePathStyle(Boolean) —

  whether to force pathstyle URLs for S3 objects.

• s3BucketEndpoint(Boolean) —

  whether the provided endpointaddresses an individual bucket (false if it addresses the root APIendpoint). Note that setting this configuration option requires anendpoint to be provided explicitly to the service constructor.

• s3DisableBodySigning(Boolean) —

  whether S3 body signingshould be disabled when using signature versionv4. Body signingcan only be disabled when using https. Defaults totrue.

• s3UsEast1RegionalEndpoint('legacy'|'regional') —

  when regionis set to 'us-east-1', whether to send s3 request to global endpoints or'us-east-1' regional endpoints. This config is only applicable to S3 client.Defaults tolegacy

• s3UseArnRegion(Boolean) —

  whether to override the request regionwith the region inferred from requested resource's ARN. Only available for S3 bucketsDefaults totrue

• retryDelayOptions(map) —

  A set of options to configurethe retry delay on retryable errors. Currently supported options are:

  • base [Integer] — The base number of milliseconds to use in theexponential backoff for operation retries. Defaults to 100 ms for allservices except DynamoDB, where it defaults to 50ms.
  • customBackoff [function] — A custom function that accepts aretry count and error and returns the amount of time to delay inmilliseconds. If the result is a non-zero negative value, no furtherretry attempts will be made. Thebase option will be ignored if thisoption is supplied. The function is only called for retryable errors.
• httpOptions(map) —

  A set of options to pass to the low-levelHTTP request. Currently supported options are:

  • proxy [String] — the URL to proxy requests through
  • agent [http.Agent, https.Agent] — the Agent object to performHTTP requests with. Used for connection pooling. Defaults to the globalagent (http.globalAgent) for non-SSL connections. Note that forSSL connections, a special Agent object is used in order to enablepeer certificate verification. This feature is only available in theNode.js environment.
  • connectTimeout [Integer] — Sets the socket to timeout afterfailing to establish a connection with the server afterconnectTimeout milliseconds. This timeout has no effect once a socketconnection has been established.
  • timeout [Integer] — Sets the socket to timeout after timeoutmilliseconds of inactivity on the socket. Defaults to two minutes(120000).
  • xhrAsync [Boolean] — Whether the SDK will send asynchronousHTTP requests. Used in the browser environment only. Set to false tosend requests synchronously. Defaults to true (async on).
  • xhrWithCredentials [Boolean] — Sets the "withCredentials"property of an XMLHttpRequest object. Used in the browser environmentonly. Defaults to false.
• apiVersion(String,Date) —

  a String in YYYY-MM-DD format(or a date) that represents the latest possible API version that can beused in all services (unless overridden byapiVersions). Specify'latest' to use the latest possible version.

• apiVersions(map<String, String|Date>) —

  a map of serviceidentifiers (the lowercase service class name) with the API version touse when instantiating a service. Specify 'latest' for each individualthat can use the latest available version.

• logger(#write,#log) —

  an object that responds to .write()(like a stream) or .log() (like the console object) in order to loginformation about requests

• systemClockOffset(Number) —

  an offset value in millisecondsto apply to all signing times. Use this to compensate for clock skewwhen your system may be out of sync with the service time. Note thatthis configuration option can only be applied to the globalAWS.configobject and cannot be overridden in service-specific configuration.Defaults to 0 milliseconds.

• signatureVersion(String) —

  the signature version to signrequests with (overriding the API configuration). Possible values are:'v2', 'v3', 'v4'.

• signatureCache(Boolean) —

  whether the signature to signrequests with (overriding the API configuration) is cached. Only appliesto the signature version 'v4'. Defaults totrue.

• dynamoDbCrc32(Boolean) —

  whether to validate the CRC32checksum of HTTP response bodies returned by DynamoDB. Default:true.

• useAccelerateEndpoint(Boolean) —

  Whether to use theS3 Transfer Acceleration endpoint with the S3 service. Default:false.

• clientSideMonitoring(Boolean) —

  whether to collect andpublish this client's performance metrics of all its API requests.

• endpointDiscoveryEnabled(Boolean|undefined) —

  whether tocall operations with endpoints given by service dynamically. Setting this

• endpointCacheSize(Number) —

  the size of the global cache storingendpoints from endpoint discovery operations. Once endpoint cache is created,updating this setting cannot change existing cache size.Defaults to 1000

• hostPrefixEnabled(Boolean) —

  whether to marshal requestparameters to the prefix of hostname.Defaults totrue.

• stsRegionalEndpoints('legacy'|'regional') —

  whether to send sts requestto global endpoints or regional endpoints.Defaults to 'legacy'.

• useFipsEndpoint(Boolean) —

  Enables FIPS compatible endpoints.Defaults tofalse.

• useDualstackEndpoint(Boolean) —

  Enables IPv6 dualstack endpoint.Defaults tofalse.

Returns:

• (AWS.Endpoint) —

  an Endpoint object representing the endpoint URLfor service requests.

/* The following example aborts a multipart upload. */ var params = {  Bucket: "examplebucket",   Key: "bigobject",   UploadId: "xadcOB_7YPBOJuoFiQ9cz4P3Pe6FIZwO4f7wN93uHsNBEw97pl5eNwzExg0LAT2dUN91cOmrEQHDsP3WA60CEg--" }; s3.abortMultipartUpload(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  Key: 'STRING_VALUE', /* required */  UploadId: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE',  RequestPayer: requester};s3.abortMultipartUpload(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name to which the upload was taking place.

    Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the formatBucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the formatbucket_base_name--az-id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide.

    Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the formAccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, seeUsing access points in theAmazon S3 User Guide.

    Note: Access points and Object Lambda access points are not supported by directory buckets.

    S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the formAccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, seeWhat is S3 on Outposts? in theAmazon S3 User Guide.

  • Key — (String)

    Key of the object for which the multipart upload was initiated.

  • UploadId — (String)

    Upload ID that identifies the multipart upload.

  • RequestPayer — (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, seeDownloading Objects in Requester Pays Buckets in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "requester"
  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • RequestCharged — (String)

      If present, indicates that the requester was successfully charged for the request.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "requester"

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example completes a multipart upload. */ var params = {  Bucket: "examplebucket",   Key: "bigobject",   MultipartUpload: {   Parts: [      {     ETag: "\"d8c2eafd90c266e19ab9dcacc479f8af\"",      PartNumber: 1    },       {     ETag: "\"d8c2eafd90c266e19ab9dcacc479f8af\"",      PartNumber: 2    }   ]  },   UploadId: "7YPBOJuoFiQ9cz4P3Pe6FIZwO4f7wN93uHsNBEw97pl5eNwzExg0LAT2dUN91cOmrEQHDsP3WA60CEg--" }; s3.completeMultipartUpload(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    Bucket: "acexamplebucket",     ETag: "\"4d9031c7644d8081c2829f4ea23c55f7-2\"",     Key: "bigobject",     Location: "https://examplebucket.s3.<Region>.amazonaws.com/bigobject"   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  Key: 'STRING_VALUE', /* required */  UploadId: 'STRING_VALUE', /* required */  ChecksumCRC32: 'STRING_VALUE',  ChecksumCRC32C: 'STRING_VALUE',  ChecksumSHA1: 'STRING_VALUE',  ChecksumSHA256: 'STRING_VALUE',  ExpectedBucketOwner: 'STRING_VALUE',  IfNoneMatch: 'STRING_VALUE',  MultipartUpload: {    Parts: [      {        ChecksumCRC32: 'STRING_VALUE',        ChecksumCRC32C: 'STRING_VALUE',        ChecksumSHA1: 'STRING_VALUE',        ChecksumSHA256: 'STRING_VALUE',        ETag: 'STRING_VALUE',        PartNumber: 'NUMBER_VALUE'      },      /* more items */    ]  },  RequestPayer: requester,  SSECustomerAlgorithm: 'STRING_VALUE',  SSECustomerKey: Buffer.from('...') || 'STRING_VALUE' /* Strings will be Base-64 encoded on your behalf */,  SSECustomerKeyMD5: 'STRING_VALUE'};s3.completeMultipartUpload(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    Name of the bucket to which the multipart upload was initiated.

    Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the formatBucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the formatbucket_base_name--az-id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide.

    Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the formAccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, seeUsing access points in theAmazon S3 User Guide.

    Note: Access points and Object Lambda access points are not supported by directory buckets.

    S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the formAccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, seeWhat is S3 on Outposts? in theAmazon S3 User Guide.

  • Key — (String)

    Object key for which the multipart upload was initiated.

  • MultipartUpload — (map)

    The container for the multipart upload request information.

    • Parts — (Array<map>)

      Array of CompletedPart data types.

      If you do not supply a validPart with your request, the service sends back an HTTP 400 response.

      • ETag — (String)

        Entity tag returned when the part was uploaded.

      • ChecksumCRC32 — (String)

        The base64-encoded, 32-bit CRC-32 checksum of the object. This will only be present if it was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

      • ChecksumCRC32C — (String)

        The base64-encoded, 32-bit CRC-32C checksum of the object. This will only be present if it was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

      • ChecksumSHA1 — (String)

        The base64-encoded, 160-bit SHA-1 digest of the object. This will only be present if it was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

      • ChecksumSHA256 — (String)

        The base64-encoded, 256-bit SHA-256 digest of the object. This will only be present if it was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

      • PartNumber — (Integer)

        Part number that identifies the part. This is a positive integer between 1 and 10,000.

        Note:

        • General purpose buckets - InCompleteMultipartUpload, when a additional checksum (includingx-amz-checksum-crc32,x-amz-checksum-crc32c,x-amz-checksum-sha1, orx-amz-checksum-sha256) is applied to each part, thePartNumber must start at 1 and the part numbers must be consecutive. Otherwise, Amazon S3 generates an HTTP400 Bad Request status code and anInvalidPartOrder error code.
        • Directory buckets - InCompleteMultipartUpload, thePartNumber must start at 1 and the part numbers must be consecutive.
  • UploadId — (String)

    ID for the initiated multipart upload.

  • ChecksumCRC32 — (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the base64-encoded, 32-bit CRC-32 checksum of the object. For more information, seeChecking object integrity in theAmazon S3 User Guide.

  • ChecksumCRC32C — (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the base64-encoded, 32-bit CRC-32C checksum of the object. For more information, seeChecking object integrity in theAmazon S3 User Guide.

  • ChecksumSHA1 — (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the base64-encoded, 160-bit SHA-1 digest of the object. For more information, seeChecking object integrity in theAmazon S3 User Guide.

  • ChecksumSHA256 — (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the base64-encoded, 256-bit SHA-256 digest of the object. For more information, seeChecking object integrity in theAmazon S3 User Guide.

  • RequestPayer — (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, seeDownloading Objects in Requester Pays Buckets in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "requester"
  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

  • IfNoneMatch — (String)

    Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a412 Precondition Failed error.

    If a conflicting operation occurs during the upload S3 returns a409 ConditionalRequestConflict response. On a 409 failure you should re-initiate the multipart upload withCreateMultipartUpload and re-upload each part.

    Expects the '*' (asterisk) character.

    For more information about conditional requests, seeRFC 7232, orConditional requests in theAmazon S3 User Guide.

  • SSECustomerAlgorithm — (String)

    The server-side encryption (SSE) algorithm used to encrypt the object. This parameter is required only when the object was created using a checksum algorithm or if your bucket policy requires the use of SSE-C. For more information, seeProtecting data using SSE-C keys in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
  • SSECustomerKey — (Buffer, Typed Array, Blob, String)

    The server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, seeProtecting data using SSE-C keys in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
  • SSECustomerKeyMD5 — (String)

    The MD5 server-side encryption (SSE) customer managed key. This parameter is needed only when the object was created using a checksum algorithm. For more information, seeProtecting data using SSE-C keys in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • Location — (String)

      The URI that identifies the newly created object.

    • Bucket — (String)

      The name of the bucket that contains the newly created object. Does not return the access point ARN or access point alias if used.

      Note: Access points are not supported by directory buckets.
    • Key — (String)

      The object key of the newly created object.

    • Expiration — (String)

      If the object expiration is configured, this will contain the expiration date (expiry-date) and rule ID (rule-id). The value ofrule-id is URL-encoded.

      Note: This functionality is not supported for directory buckets.
    • ETag — (String)

      Entity tag that identifies the newly created object's data. Objects with different object data will have different entity tags. The entity tag is an opaque string. The entity tag may or may not be an MD5 digest of the object data. If the entity tag is not an MD5 digest of the object data, it will contain one or more nonhexadecimal characters and/or will consist of less than 32 or more than 32 hexadecimal digits. For more information about how the entity tag is calculated, seeChecking object integrity in theAmazon S3 User Guide.

    • ChecksumCRC32 — (String)

      The base64-encoded, 32-bit CRC-32 checksum of the object. This will only be present if it was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

    • ChecksumCRC32C — (String)

      The base64-encoded, 32-bit CRC-32C checksum of the object. This will only be present if it was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

    • ChecksumSHA1 — (String)

      The base64-encoded, 160-bit SHA-1 digest of the object. This will only be present if it was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

    • ChecksumSHA256 — (String)

      The base64-encoded, 256-bit SHA-256 digest of the object. This will only be present if it was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in theAmazon S3 User Guide.

    • ServerSideEncryption — (String)

      The server-side encryption algorithm used when storing this object in Amazon S3 (for example,AES256,aws:kms).

      Possible values include:
      • "AES256"
      • "aws:kms"
      • "aws:kms:dsse"
    • VersionId — (String)

      Version ID of the newly created object, in case the bucket has versioning turned on.

      Note: This functionality is not supported for directory buckets.
    • SSEKMSKeyId — (String)

      If present, indicates the ID of the KMS key that was used for object encryption.

    • BucketKeyEnabled — (Boolean)

      Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption with Key Management Service (KMS) keys (SSE-KMS).

    • RequestCharged — (String)

      If present, indicates that the requester was successfully charged for the request.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "requester"

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example copies an object from one bucket to another. */ var params = {  Bucket: "destinationbucket",   CopySource: "/sourcebucket/HappyFacejpg",   Key: "HappyFaceCopyjpg" }; s3.copyObject(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    CopyObjectResult: {     ETag: "\"6805f2cfc46c0f04559748bb039d69ae\"",      LastModified: <Date Representation>    }   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  CopySource: 'STRING_VALUE', /* required */  Key: 'STRING_VALUE', /* required */  ACL: private | public-read | public-read-write | authenticated-read | aws-exec-read | bucket-owner-read | bucket-owner-full-control,  BucketKeyEnabled: true || false,  CacheControl: 'STRING_VALUE',  ChecksumAlgorithm: CRC32 | CRC32C | SHA1 | SHA256,  ContentDisposition: 'STRING_VALUE',  ContentEncoding: 'STRING_VALUE',  ContentLanguage: 'STRING_VALUE',  ContentType: 'STRING_VALUE',  CopySourceIfMatch: 'STRING_VALUE',  CopySourceIfModifiedSince: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,  CopySourceIfNoneMatch: 'STRING_VALUE',  CopySourceIfUnmodifiedSince: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,  CopySourceSSECustomerAlgorithm: 'STRING_VALUE',  CopySourceSSECustomerKey: Buffer.from('...') || 'STRING_VALUE' /* Strings will be Base-64 encoded on your behalf */,  CopySourceSSECustomerKeyMD5: 'STRING_VALUE',  ExpectedBucketOwner: 'STRING_VALUE',  ExpectedSourceBucketOwner: 'STRING_VALUE',  Expires: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,  GrantFullControl: 'STRING_VALUE',  GrantRead: 'STRING_VALUE',  GrantReadACP: 'STRING_VALUE',  GrantWriteACP: 'STRING_VALUE',  Metadata: {    '<MetadataKey>': 'STRING_VALUE',    /* '<MetadataKey>': ... */  },  MetadataDirective: COPY | REPLACE,  ObjectLockLegalHoldStatus: ON | OFF,  ObjectLockMode: GOVERNANCE | COMPLIANCE,  ObjectLockRetainUntilDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,  RequestPayer: requester,  SSECustomerAlgorithm: 'STRING_VALUE',  SSECustomerKey: Buffer.from('...') || 'STRING_VALUE' /* Strings will be Base-64 encoded on your behalf */,  SSECustomerKeyMD5: 'STRING_VALUE',  SSEKMSEncryptionContext: 'STRING_VALUE',  SSEKMSKeyId: 'STRING_VALUE',  ServerSideEncryption: AES256 | aws:kms | aws:kms:dsse,  StorageClass: STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE,  Tagging: 'STRING_VALUE',  TaggingDirective: COPY | REPLACE,  WebsiteRedirectLocation: 'STRING_VALUE'};s3.copyObject(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • ACL — (String)

    The canned access control list (ACL) to apply to the object.

    When you copy an object, the ACL metadata is not preserved and is set toprivate by default. Only the owner has full access control. To override the default ACL setting, specify a new ACL when you generate a copy request. For more information, seeUsing ACLs.

    If the destination bucket that you're copying objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only acceptPUT requests that don't specify an ACL orPUT requests that specify bucket owner full control ACLs, such as thebucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format. For more information, seeControlling ownership of objects and disabling ACLs in theAmazon S3 User Guide.

    Note:

    • If your destination bucket uses the bucket owner enforced setting for Object Ownership, all objects written to the bucket by any account will be owned by the bucket owner.
    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
    Possible values include:
    • "private"
    • "public-read"
    • "public-read-write"
    • "authenticated-read"
    • "aws-exec-read"
    • "bucket-owner-read"
    • "bucket-owner-full-control"
  • Bucket — (String)

    The name of the destination bucket.

    Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the formatBucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the formatbucket_base_name--az-id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide.

    Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the formAccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, seeUsing access points in theAmazon S3 User Guide.

    Note: Access points and Object Lambda access points are not supported by directory buckets.

    S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the formAccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, seeWhat is S3 on Outposts? in theAmazon S3 User Guide.

  • CacheControl — (String)

    Specifies the caching behavior along the request/reply chain.

  • ChecksumAlgorithm — (String)

    Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, seeChecking object integrity in theAmazon S3 User Guide.

    When you copy an object, if the source object has a checksum, that checksum value will be copied to the new object by default. If theCopyObject request does not include thisx-amz-checksum-algorithm header, the checksum algorithm will be copied from the source object to the destination object (if it's present on the source object). You can optionally specify a different checksum algorithm to use with thex-amz-checksum-algorithm header. Unrecognized or unsupported values will respond with the HTTP status code400 Bad Request.

    Note: For directory buckets, when you use Amazon Web Services SDKs,CRC32 is the default checksum algorithm that's used for performance.
    Possible values include:
    • "CRC32"
    • "CRC32C"
    • "SHA1"
    • "SHA256"
  • ContentDisposition — (String)

    Specifies presentational information for the object. Indicates whether an object should be displayed in a web browser or downloaded as a file. It allows specifying the desired filename for the downloaded file.

  • ContentEncoding — (String)

    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

    Note: For directory buckets, only theaws-chunked value is supported in this header field.
  • ContentLanguage — (String)

    The language the content is in.

  • ContentType — (String)

    A standard MIME type that describes the format of the object data.

  • CopySource — (String)

    Specifies the source object for the copy operation. The source object can be up to 5 GB. If the source object is an object that was uploaded by using a multipart upload, the object copy will be a single part object after the source object is copied to the destination bucket.

    You specify the value of the copy source in one of two formats, depending on whether you want to access the source object through anaccess point:

    • For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, to copy the objectreports/january.pdf from the general purpose bucketawsexamplebucket, useawsexamplebucket/reports/january.pdf. The value must be URL-encoded. To copy the objectreports/january.pdf from the directory bucketawsexamplebucket--use1-az5--x-s3, useawsexamplebucket--use1-az5--x-s3/reports/january.pdf. The value must be URL-encoded.

    • For objects accessed through access points, specify the Amazon Resource Name (ARN) of the object as accessed through the access point, in the formatarn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, to copy the objectreports/january.pdf through access pointmy-access-point owned by account123456789012 in Regionus-west-2, use the URL encoding ofarn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf. The value must be URL encoded.

      Note:

      • Amazon S3 supports copy operations using Access points only when the source and destination buckets are in the same Amazon Web Services Region.
      • Access points are not supported by directory buckets.

      Alternatively, for objects accessed through Amazon S3 on Outposts, specify the ARN of the object as accessed in the formatarn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>. For example, to copy the objectreports/january.pdf through outpostmy-outpost owned by account123456789012 in Regionus-west-2, use the URL encoding ofarn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf. The value must be URL-encoded.

    If your source bucket versioning is enabled, thex-amz-copy-source header by default identifies the current version of an object to copy. If the current version is a delete marker, Amazon S3 behaves as if the object was deleted. To copy a different version, use theversionId query parameter. Specifically, append?versionId=<version-id> to the value (for example,awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). If you don't specify a version ID, Amazon S3 copies the latest version of the source object.

    If you enable versioning on the destination bucket, Amazon S3 generates a unique version ID for the copied object. This version ID is different from the version ID of the source object. Amazon S3 returns the version ID of the copied object in thex-amz-version-id response header in the response.

    If you do not enable versioning or suspend it on the destination bucket, the version ID that Amazon S3 generates in thex-amz-version-id response header is always null.

    Note:Directory buckets - S3 Versioning isn't enabled and supported for directory buckets.
  • CopySourceIfMatch — (String)

    Copies the object if its entity tag (ETag) matches the specified tag.

    If both thex-amz-copy-source-if-match andx-amz-copy-source-if-unmodified-since headers are present in the request and evaluate as follows, Amazon S3 returns200 OK and copies the data:

    • x-amz-copy-source-if-match condition evaluates to true

    • x-amz-copy-source-if-unmodified-since condition evaluates to false

  • CopySourceIfModifiedSince — (Date)

    Copies the object if it has been modified since the specified time.

    If both thex-amz-copy-source-if-none-match andx-amz-copy-source-if-modified-since headers are present in the request and evaluate as follows, Amazon S3 returns the412 Precondition Failed response code:

    • x-amz-copy-source-if-none-match condition evaluates to false

    • x-amz-copy-source-if-modified-since condition evaluates to true

  • CopySourceIfNoneMatch — (String)

    Copies the object if its entity tag (ETag) is different than the specified ETag.

    If both thex-amz-copy-source-if-none-match andx-amz-copy-source-if-modified-since headers are present in the request and evaluate as follows, Amazon S3 returns the412 Precondition Failed response code:

    • x-amz-copy-source-if-none-match condition evaluates to false

    • x-amz-copy-source-if-modified-since condition evaluates to true

  • CopySourceIfUnmodifiedSince — (Date)

    Copies the object if it hasn't been modified since the specified time.

    If both thex-amz-copy-source-if-match andx-amz-copy-source-if-unmodified-since headers are present in the request and evaluate as follows, Amazon S3 returns200 OK and copies the data:

    • x-amz-copy-source-if-match condition evaluates to true

    • x-amz-copy-source-if-unmodified-since condition evaluates to false

  • Expires — (Date)

    The date and time at which the object is no longer cacheable.

  • GrantFullControl — (String)

    Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • GrantRead — (String)

    Allows grantee to read the object data and its metadata.

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • GrantReadACP — (String)

    Allows grantee to read the object ACL.

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • GrantWriteACP — (String)

    Allows grantee to write the ACL for the applicable object.

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • Key — (String)

    The key of the destination object.

  • Metadata — (map<String>)

    A map of metadata to store with the object in S3.

  • MetadataDirective — (String)

    Specifies whether the metadata is copied from the source object or replaced with metadata that's provided in the request. When copying an object, you can preserve all metadata (the default) or specify new metadata. If this header isn’t specified,COPY is the default behavior.

    General purpose bucket - For general purpose buckets, when you grant permissions, you can use thes3:x-amz-metadata-directive condition key to enforce certain metadata behavior when objects are uploaded. For more information, seeAmazon S3 condition key examples in theAmazon S3 User Guide.

    Note:x-amz-website-redirect-location is unique to each object and is not copied when using thex-amz-metadata-directive header. To copy the value, you must specifyx-amz-website-redirect-location in the request header.
    Possible values include:
    • "COPY"
    • "REPLACE"
  • TaggingDirective — (String)

    Specifies whether the object tag-set is copied from the source object or replaced with the tag-set that's provided in the request.

    The default value isCOPY.

    Note:Directory buckets - For directory buckets in aCopyObject operation, only the empty tag-set is supported. Any requests that attempt to write non-empty tags into directory buckets will receive a501 Not Implemented status code. When the destination bucket is a directory bucket, you will receive a501 Not Implemented response in any of the following situations:

    • When you attempt toCOPY the tag-set from an S3 source object that has non-empty tags.
    • When you attempt toREPLACE the tag-set of a source object and set a non-empty value tox-amz-tagging.
    • When you don't set thex-amz-tagging-directive header and the source object has non-empty tags. This is because the default value ofx-amz-tagging-directive isCOPY.

    Because only the empty tag-set is supported for directory buckets in aCopyObject operation, the following situations are allowed:

    • When you attempt toCOPY the tag-set from a directory bucket source object that has no tags to a general purpose bucket. It copies an empty tag-set to the destination object.
    • When you attempt toREPLACE the tag-set of a directory bucket source object and set thex-amz-tagging value of the directory bucket destination object to empty.
    • When you attempt toREPLACE the tag-set of a general purpose bucket source object that has non-empty tags and set thex-amz-tagging value of the directory bucket destination object to empty.
    • When you attempt toREPLACE the tag-set of a directory bucket source object and don't set thex-amz-tagging value of the directory bucket destination object. This is because the default value ofx-amz-tagging is the empty value.
    Possible values include:
    • "COPY"
    • "REPLACE"
  • ServerSideEncryption — (String)

    The server-side encryption algorithm used when storing this object in Amazon S3. Unrecognized or unsupported values won’t write a destination object and will receive a400 Bad Request response.

    Amazon S3 automatically encrypts all new objects that are copied to an S3 bucket. When copying an object, if you don't specify encryption information in your copy request, the encryption setting of the target object is set to the default encryption configuration of the destination bucket. By default, all buckets have a base level of encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket has a different default encryption configuration, Amazon S3 uses the corresponding encryption key to encrypt the target object copy.

    With server-side encryption, Amazon S3 encrypts your data as it writes your data to disks in its data centers and decrypts the data when you access it. For more information about server-side encryption, seeUsing Server-Side Encryption in theAmazon S3 User Guide.

    General purpose buckets

    • For general purpose buckets, there are the following supported options for server-side encryption: server-side encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), and server-side encryption with customer-provided encryption keys (SSE-C). Amazon S3 uses the corresponding KMS key, or a customer-provided key to encrypt the target object copy.

    • When you perform aCopyObject operation, if you want to use a different type of encryption setting for the target object, you can specify appropriate encryption-related headers to encrypt the target object with an Amazon S3 managed key, a KMS key, or a customer-provided key. If the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence.

    Directory buckets

    • For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in yourCreateSession requests orPUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, seeProtecting data with server-side encryption in theAmazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, seeSpecifying server-side encryption with KMS for new object uploads.

    • To encrypt new object copies to a directory bucket with SSE-KMS, we recommend you specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, acustomer managed key). TheAmazon Web Services managed key (aws/s3) isn't supported. Your SSE-KMS configuration can only support 1customer managed key per directory bucket for the lifetime of the bucket. After you specify a customer managed key for SSE-KMS, you can't override the customer managed key for the bucket's SSE-KMS configuration. Then, when you perform aCopyObject operation and want to specify server-side encryption settings for new object copies with SSE-KMS in the encryption-related request headers, you must ensure the encryption key is the same customer managed key that you specified for the directory bucket's default encryption configuration.

    Possible values include:
    • "AES256"
    • "aws:kms"
    • "aws:kms:dsse"
  • StorageClass — (String)

    If thex-amz-storage-class header is not used, the copied object will be stored in theSTANDARD Storage Class by default. TheSTANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class.

    Note:

    • Directory buckets - For directory buckets, only the S3 Express One Zone storage class is supported to store newly created objects. Unsupported storage class values won't write a destination object and will respond with the HTTP status code400 Bad Request.
    • Amazon S3 on Outposts - S3 on Outposts only uses theOUTPOSTS Storage Class.

    You can use theCopyObject action to change the storage class of an object that is already stored in Amazon S3 by using thex-amz-storage-class header. For more information, seeStorage Classes in theAmazon S3 User Guide.

    Before using an object as a source object for the copy operation, you must restore a copy of it if it meets any of the following conditions:

    • The storage class of the source object isGLACIER orDEEP_ARCHIVE.

    • The storage class of the source object isINTELLIGENT_TIERING and it'sS3 Intelligent-Tiering access tier isArchive Access orDeep Archive Access.

    For more information, seeRestoreObject andCopying Objects in theAmazon S3 User Guide.

    Possible values include:
    • "STANDARD"
    • "REDUCED_REDUNDANCY"
    • "STANDARD_IA"
    • "ONEZONE_IA"
    • "INTELLIGENT_TIERING"
    • "GLACIER"
    • "DEEP_ARCHIVE"
    • "OUTPOSTS"
    • "GLACIER_IR"
    • "SNOW"
    • "EXPRESS_ONEZONE"
  • WebsiteRedirectLocation — (String)

    If the destination bucket is configured as a website, redirects requests for this object copy to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This value is unique to each object and is not copied when using thex-amz-metadata-directive header. Instead, you may opt to provide this header in combination with thex-amz-metadata-directive header.

    Note: This functionality is not supported for directory buckets.
  • SSECustomerAlgorithm — (String)

    Specifies the algorithm to use when encrypting the object (for example,AES256).

    When you perform aCopyObject operation, if you want to use a different type of encryption setting for the target object, you can specify appropriate encryption-related headers to encrypt the target object with an Amazon S3 managed key, a KMS key, or a customer-provided key. If the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence.

    Note: This functionality is not supported when the destination bucket is a directory bucket.
  • SSECustomerKey — (Buffer, Typed Array, Blob, String)

    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded. Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in thex-amz-server-side-encryption-customer-algorithm header.

    Note: This functionality is not supported when the destination bucket is a directory bucket.
  • SSECustomerKeyMD5 — (String)

    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    Note: This functionality is not supported when the destination bucket is a directory bucket.
  • SSEKMSKeyId — (String)

    Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. All GET and PUT requests for an object protected by KMS will fail if they're not made via SSL or using SigV4. For information about configuring any of the officially supported Amazon Web Services SDKs and Amazon Web Services CLI, seeSpecifying the Signature Version in Request Authentication in theAmazon S3 User Guide.

    Directory buckets - If you specifyx-amz-server-side-encryption withaws:kms, the x-amz-server-side-encryption-aws-kms-key-id header is implicitly assigned the ID of the KMS symmetric encryption customer managed key that's configured for your directory bucket's default encryption setting. If you want to specify the x-amz-server-side-encryption-aws-kms-key-id header explicitly, you can only specify it with the ID (Key ID or Key ARN) of the KMS customer managed key that's configured for your directory bucket's default encryption setting. Otherwise, you get an HTTP400 Bad Request error. Only use the key ID or key ARN. The key alias format of the KMS key isn't supported. Your SSE-KMS configuration can only support 1customer managed key per directory bucket for the lifetime of the bucket. TheAmazon Web Services managed key (aws/s3) isn't supported.

  • SSEKMSEncryptionContext — (String)

    Specifies the Amazon Web Services KMS Encryption Context as an additional encryption context to use for the destination object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.

    General purpose buckets - This value must be explicitly added to specify encryption context forCopyObject requests if you want an additional encryption context for your destination object. The additional encryption context of the source object won't be copied to the destination object. For more information, seeEncryption context in theAmazon S3 User Guide.

    Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

  • BucketKeyEnabled — (Boolean)

    Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the object.

    Setting this header totrue causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Specifying this header with a COPY action doesn’t affect bucket-level settings for S3 Bucket Key.

    For more information, seeAmazon S3 Bucket Keys in theAmazon S3 User Guide.

    Note:Directory buckets - S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, throughCopyObject. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.
  • CopySourceSSECustomerAlgorithm — (String)

    Specifies the algorithm to use when decrypting the source object (for example,AES256).

    If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying.

    Note: This functionality is not supported when the source object is in a directory bucket.
  • CopySourceSSECustomerKey — (Buffer, Typed Array, Blob, String)

    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be the same one that was used when the source object was created.

    If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying.

    Note: This functionality is not supported when the source object is in a directory bucket.
  • CopySourceSSECustomerKeyMD5 — (String)

    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying.

    Note: This functionality is not supported when the source object is in a directory bucket.
  • RequestPayer — (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, seeDownloading Objects in Requester Pays Buckets in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "requester"
  • Tagging — (String)

    The tag-set for the object copy in the destination bucket. This value must be used in conjunction with thex-amz-tagging-directive if you chooseREPLACE for thex-amz-tagging-directive. If you chooseCOPY for thex-amz-tagging-directive, you don't need to set thex-amz-tagging header, because the tag-set will be copied from the source object directly. The tag-set must be encoded as URL Query parameters.

    The default value is the empty value.

    Note:Directory buckets - For directory buckets in aCopyObject operation, only the empty tag-set is supported. Any requests that attempt to write non-empty tags into directory buckets will receive a501 Not Implemented status code. When the destination bucket is a directory bucket, you will receive a501 Not Implemented response in any of the following situations:

    • When you attempt toCOPY the tag-set from an S3 source object that has non-empty tags.
    • When you attempt toREPLACE the tag-set of a source object and set a non-empty value tox-amz-tagging.
    • When you don't set thex-amz-tagging-directive header and the source object has non-empty tags. This is because the default value ofx-amz-tagging-directive isCOPY.

    Because only the empty tag-set is supported for directory buckets in aCopyObject operation, the following situations are allowed:

    • When you attempt toCOPY the tag-set from a directory bucket source object that has no tags to a general purpose bucket. It copies an empty tag-set to the destination object.
    • When you attempt toREPLACE the tag-set of a directory bucket source object and set thex-amz-tagging value of the directory bucket destination object to empty.
    • When you attempt toREPLACE the tag-set of a general purpose bucket source object that has non-empty tags and set thex-amz-tagging value of the directory bucket destination object to empty.
    • When you attempt toREPLACE the tag-set of a directory bucket source object and don't set thex-amz-tagging value of the directory bucket destination object. This is because the default value ofx-amz-tagging is the empty value.
  • ObjectLockMode — (String)

    The Object Lock mode that you want to apply to the object copy.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "GOVERNANCE"
    • "COMPLIANCE"
  • ObjectLockRetainUntilDate — (Date)

    The date and time when you want the Object Lock of the object copy to expire.

    Note: This functionality is not supported for directory buckets.
  • ObjectLockLegalHoldStatus — (String)

    Specifies whether you want to apply a legal hold to the object copy.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "ON"
    • "OFF"
  • ExpectedBucketOwner — (String)

    The account ID of the expected destination bucket owner. If the account ID that you provide does not match the actual owner of the destination bucket, the request fails with the HTTP status code403 Forbidden (access denied).

  • ExpectedSourceBucketOwner — (String)

    The account ID of the expected source bucket owner. If the account ID that you provide does not match the actual owner of the source bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • CopyObjectResult — (map)

      Container for all response elements.

      • ETag — (String)

        Returns the ETag of the new object. The ETag reflects only changes to the contents of an object, not its metadata.

      • LastModified — (Date)

        Creation date of the object.

      • ChecksumCRC32 — (String)

        The base64-encoded, 32-bit CRC-32 checksum of the object. This will only be present if it was uploaded with the object. For more information, see Checking object integrity in theAmazon S3 User Guide.

      • ChecksumCRC32C — (String)

        The base64-encoded, 32-bit CRC-32C checksum of the object. This will only be present if it was uploaded with the object. For more information, see Checking object integrity in theAmazon S3 User Guide.

      • ChecksumSHA1 — (String)

        The base64-encoded, 160-bit SHA-1 digest of the object. This will only be present if it was uploaded with the object. For more information, see Checking object integrity in theAmazon S3 User Guide.

      • ChecksumSHA256 — (String)

        The base64-encoded, 256-bit SHA-256 digest of the object. This will only be present if it was uploaded with the object. For more information, see Checking object integrity in theAmazon S3 User Guide.

    • Expiration — (String)

      If the object expiration is configured, the response includes this header.

      Note: This functionality is not supported for directory buckets.
    • CopySourceVersionId — (String)

      Version ID of the source object that was copied.

      Note: This functionality is not supported when the source object is in a directory bucket.
    • VersionId — (String)

      Version ID of the newly created copy.

      Note: This functionality is not supported for directory buckets.
    • ServerSideEncryption — (String)

      The server-side encryption algorithm used when you store this object in Amazon S3 (for example,AES256,aws:kms,aws:kms:dsse).

      Possible values include:
      • "AES256"
      • "aws:kms"
      • "aws:kms:dsse"
    • SSECustomerAlgorithm — (String)

      If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used.

      Note: This functionality is not supported for directory buckets.
    • SSECustomerKeyMD5 — (String)

      If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key.

      Note: This functionality is not supported for directory buckets.
    • SSEKMSKeyId — (String)

      If present, indicates the ID of the KMS key that was used for object encryption.

    • SSEKMSEncryptionContext — (String)

      If present, indicates the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.

    • BucketKeyEnabled — (Boolean)

      Indicates whether the copied object uses an S3 Bucket Key for server-side encryption with Key Management Service (KMS) keys (SSE-KMS).

    • RequestCharged — (String)

      If present, indicates that the requester was successfully charged for the request.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "requester"

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example creates a bucket. The request specifies an AWS region where to create the bucket. */ var params = {  Bucket: "examplebucket",   CreateBucketConfiguration: {   LocationConstraint: "eu-west-1"  } }; s3.createBucket(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    Location: "http://examplebucket.<Region>.s3.amazonaws.com/"   }   */ });

/* The following example creates a bucket. */ var params = {  Bucket: "examplebucket" }; s3.createBucket(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    Location: "/examplebucket"   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  ACL: private | public-read | public-read-write | authenticated-read,  CreateBucketConfiguration: {    Bucket: {      DataRedundancy: SingleAvailabilityZone,      Type: Directory    },    Location: {      Name: 'STRING_VALUE',      Type: AvailabilityZone    },    LocationConstraint: af-south-1 | ap-east-1 | ap-northeast-1 | ap-northeast-2 | ap-northeast-3 | ap-south-1 | ap-south-2 | ap-southeast-1 | ap-southeast-2 | ap-southeast-3 | ca-central-1 | cn-north-1 | cn-northwest-1 | EU | eu-central-1 | eu-north-1 | eu-south-1 | eu-south-2 | eu-west-1 | eu-west-2 | eu-west-3 | me-south-1 | sa-east-1 | us-east-2 | us-gov-east-1 | us-gov-west-1 | us-west-1 | us-west-2  },  GrantFullControl: 'STRING_VALUE',  GrantRead: 'STRING_VALUE',  GrantReadACP: 'STRING_VALUE',  GrantWrite: 'STRING_VALUE',  GrantWriteACP: 'STRING_VALUE',  ObjectLockEnabledForBucket: true || false,  ObjectOwnership: BucketOwnerPreferred | ObjectWriter | BucketOwnerEnforced};s3.createBucket(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object) —
  • ACL — (String)

    The canned ACL to apply to the bucket.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "private"
    • "public-read"
    • "public-read-write"
    • "authenticated-read"
  • Bucket — (String)

    The name of the bucket to create.

    General purpose buckets - For information about bucket naming restrictions, seeBucket naming rules in theAmazon S3 User Guide.

    Directory buckets - When you use this operation with a directory bucket, you must use path-style requests in the formathttps://s3express-control.region_code.amazonaws.com/bucket-name. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must also follow the formatbucket_base_name--az_id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide

  • CreateBucketConfiguration — (map)

    The configuration information for the bucket.

    • LocationConstraint — (String)

      Specifies the Region where the bucket will be created. You might choose a Region to optimize latency, minimize costs, or address regulatory requirements. For example, if you reside in Europe, you will probably find it advantageous to create buckets in the Europe (Ireland) Region. For more information, seeAccessing a bucket in theAmazon S3 User Guide.

      If you don't specify a Region, the bucket is created in the US East (N. Virginia) Region (us-east-1) by default.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "af-south-1"
      • "ap-east-1"
      • "ap-northeast-1"
      • "ap-northeast-2"
      • "ap-northeast-3"
      • "ap-south-1"
      • "ap-south-2"
      • "ap-southeast-1"
      • "ap-southeast-2"
      • "ap-southeast-3"
      • "ca-central-1"
      • "cn-north-1"
      • "cn-northwest-1"
      • "EU"
      • "eu-central-1"
      • "eu-north-1"
      • "eu-south-1"
      • "eu-south-2"
      • "eu-west-1"
      • "eu-west-2"
      • "eu-west-3"
      • "me-south-1"
      • "sa-east-1"
      • "us-east-2"
      • "us-gov-east-1"
      • "us-gov-west-1"
      • "us-west-1"
      • "us-west-2"
    • Location — (map)

      Specifies the location where the bucket will be created.

      For directory buckets, the location type is Availability Zone.

      Note: This functionality is only supported by directory buckets.
      • Type — (String)

        The type of location where the bucket will be created.

        Possible values include:
        • "AvailabilityZone"
      • Name — (String)

        The name of the location where the bucket will be created.

        For directory buckets, the name of the location is the AZ ID of the Availability Zone where the bucket will be created. An example AZ ID value isusw2-az1.

    • Bucket — (map)

      Specifies the information about the bucket that will be created.

      Note: This functionality is only supported by directory buckets.
      • DataRedundancy — (String)

        The number of Availability Zone that's used for redundancy for the bucket.

        Possible values include:
        • "SingleAvailabilityZone"
      • Type — (String)

        The type of bucket.

        Possible values include:
        • "Directory"
  • GrantFullControl — (String)

    Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.

    Note: This functionality is not supported for directory buckets.
  • GrantRead — (String)

    Allows grantee to list the objects in the bucket.

    Note: This functionality is not supported for directory buckets.
  • GrantReadACP — (String)

    Allows grantee to read the bucket ACL.

    Note: This functionality is not supported for directory buckets.
  • GrantWrite — (String)

    Allows grantee to create new objects in the bucket.

    For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects.

    Note: This functionality is not supported for directory buckets.
  • GrantWriteACP — (String)

    Allows grantee to write the ACL for the applicable bucket.

    Note: This functionality is not supported for directory buckets.
  • ObjectLockEnabledForBucket — (Boolean)

    Specifies whether you want S3 Object Lock to be enabled for the new bucket.

    Note: This functionality is not supported for directory buckets.
  • ObjectOwnership — (String)

    The container element for object ownership for a bucket's ownership controls.

    BucketOwnerPreferred - Objects uploaded to the bucket change ownership to the bucket owner if the objects are uploaded with thebucket-owner-full-control canned ACL.

    ObjectWriter - The uploading account will own the object if the object is uploaded with thebucket-owner-full-control canned ACL.

    BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer affect permissions. The bucket owner automatically owns and has full control over every object in the bucket. The bucket only accepts PUT requests that don't specify an ACL or specify bucket owner full control ACLs (such as the predefinedbucket-owner-full-control canned ACL or a custom ACL in XML format that grants the same permissions).

    By default,ObjectOwnership is set toBucketOwnerEnforced and ACLs are disabled. We recommend keeping ACLs disabled, except in uncommon use cases where you must control access for each object individually. For more information about S3 Object Ownership, seeControlling ownership of objects and disabling ACLs for your bucket in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets. Directory buckets use the bucket owner enforced setting for S3 Object Ownership.
    Possible values include:
    • "BucketOwnerPreferred"
    • "ObjectWriter"
    • "BucketOwnerEnforced"

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • Location — (String)

      A forward slash followed by the name of the bucket.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example initiates a multipart upload. */ var params = {  Bucket: "examplebucket",   Key: "largeobject" }; s3.createMultipartUpload(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    Bucket: "examplebucket",     Key: "largeobject",     UploadId: "ibZBv_75gd9r8lH_gqXatLdxMVpAlj6ZQjEs.OwyF3953YdwbcQnMA2BLGn8Lx12fQNICtMw5KyteFeHw.Sjng--"   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  Key: 'STRING_VALUE', /* required */  ACL: private | public-read | public-read-write | authenticated-read | aws-exec-read | bucket-owner-read | bucket-owner-full-control,  BucketKeyEnabled: true || false,  CacheControl: 'STRING_VALUE',  ChecksumAlgorithm: CRC32 | CRC32C | SHA1 | SHA256,  ContentDisposition: 'STRING_VALUE',  ContentEncoding: 'STRING_VALUE',  ContentLanguage: 'STRING_VALUE',  ContentType: 'STRING_VALUE',  ExpectedBucketOwner: 'STRING_VALUE',  Expires: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,  GrantFullControl: 'STRING_VALUE',  GrantRead: 'STRING_VALUE',  GrantReadACP: 'STRING_VALUE',  GrantWriteACP: 'STRING_VALUE',  Metadata: {    '<MetadataKey>': 'STRING_VALUE',    /* '<MetadataKey>': ... */  },  ObjectLockLegalHoldStatus: ON | OFF,  ObjectLockMode: GOVERNANCE | COMPLIANCE,  ObjectLockRetainUntilDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,  RequestPayer: requester,  SSECustomerAlgorithm: 'STRING_VALUE',  SSECustomerKey: Buffer.from('...') || 'STRING_VALUE' /* Strings will be Base-64 encoded on your behalf */,  SSECustomerKeyMD5: 'STRING_VALUE',  SSEKMSEncryptionContext: 'STRING_VALUE',  SSEKMSKeyId: 'STRING_VALUE',  ServerSideEncryption: AES256 | aws:kms | aws:kms:dsse,  StorageClass: STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE | OUTPOSTS | GLACIER_IR | SNOW | EXPRESS_ONEZONE,  Tagging: 'STRING_VALUE',  WebsiteRedirectLocation: 'STRING_VALUE'};s3.createMultipartUpload(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • ACL — (String)

    The canned ACL to apply to the object. Amazon S3 supports a set of predefined ACLs, known ascanned ACLs. Each canned ACL has a predefined set of grantees and permissions. For more information, seeCanned ACL in theAmazon S3 User Guide.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can grant access permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the access control list (ACL) on the new object. For more information, seeUsing ACLs. One way to grant the permissions using the request headers is to specify a canned ACL with thex-amz-acl request header.

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
    Possible values include:
    • "private"
    • "public-read"
    • "public-read-write"
    • "authenticated-read"
    • "aws-exec-read"
    • "bucket-owner-read"
    • "bucket-owner-full-control"
  • Bucket — (String)

    The name of the bucket where the multipart upload is initiated and where the object is uploaded.

    Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the formatBucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the formatbucket_base_name--az-id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide.

    Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the formAccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, seeUsing access points in theAmazon S3 User Guide.

    Note: Access points and Object Lambda access points are not supported by directory buckets.

    S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the formAccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, seeWhat is S3 on Outposts? in theAmazon S3 User Guide.

  • CacheControl — (String)

    Specifies caching behavior along the request/reply chain.

  • ContentDisposition — (String)

    Specifies presentational information for the object.

  • ContentEncoding — (String)

    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

    Note: For directory buckets, only theaws-chunked value is supported in this header field.
  • ContentLanguage — (String)

    The language that the content is in.

  • ContentType — (String)

    A standard MIME type describing the format of the object data.

  • Expires — (Date)

    The date and time at which the object is no longer cacheable.

  • GrantFullControl — (String)

    Specify access permissions explicitly to give the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, seeAccess Control List (ACL) Overview in theAmazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Note: Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

      • US East (N. Virginia)
      • US West (N. California)
      • US West (Oregon)
      • Asia Pacific (Singapore)
      • Asia Pacific (Sydney)
      • Asia Pacific (Tokyo)
      • Europe (Ireland)
      • South America (São Paulo)

      For a list of all the Amazon S3 supported Regions and endpoints, seeRegions and Endpoints in the Amazon Web Services General Reference.

    For example, the followingx-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read:,

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • GrantRead — (String)

    Specify access permissions explicitly to allow grantee to read the object data and its metadata.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, seeAccess Control List (ACL) Overview in theAmazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Note: Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

      • US East (N. Virginia)
      • US West (N. California)
      • US West (Oregon)
      • Asia Pacific (Singapore)
      • Asia Pacific (Sydney)
      • Asia Pacific (Tokyo)
      • Europe (Ireland)
      • South America (São Paulo)

      For a list of all the Amazon S3 supported Regions and endpoints, seeRegions and Endpoints in the Amazon Web Services General Reference.

    For example, the followingx-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read:,

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • GrantReadACP — (String)

    Specify access permissions explicitly to allows grantee to read the object ACL.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, seeAccess Control List (ACL) Overview in theAmazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Note: Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

      • US East (N. Virginia)
      • US West (N. California)
      • US West (Oregon)
      • Asia Pacific (Singapore)
      • Asia Pacific (Sydney)
      • Asia Pacific (Tokyo)
      • Europe (Ireland)
      • South America (São Paulo)

      For a list of all the Amazon S3 supported Regions and endpoints, seeRegions and Endpoints in the Amazon Web Services General Reference.

    For example, the followingx-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read:,

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • GrantWriteACP — (String)

    Specify access permissions explicitly to allows grantee to allow grantee to write the ACL for the applicable object.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, seeAccess Control List (ACL) Overview in theAmazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Note: Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

      • US East (N. Virginia)
      • US West (N. California)
      • US West (Oregon)
      • Asia Pacific (Singapore)
      • Asia Pacific (Sydney)
      • Asia Pacific (Tokyo)
      • Europe (Ireland)
      • South America (São Paulo)

      For a list of all the Amazon S3 supported Regions and endpoints, seeRegions and Endpoints in the Amazon Web Services General Reference.

    For example, the followingx-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read:,

    Note:

    • This functionality is not supported for directory buckets.
    • This functionality is not supported for Amazon S3 on Outposts.
  • Key — (String)

    Object key for which the multipart upload is to be initiated.

  • Metadata — (map<String>)

    A map of metadata to store with the object in S3.

  • ServerSideEncryption — (String)

    The server-side encryption algorithm used when you store this object in Amazon S3 (for example,AES256,aws:kms).

    • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in yourCreateSession requests orPUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, seeProtecting data with server-side encryption in theAmazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, seeSpecifying server-side encryption with KMS for new object uploads.

      In the Zonal endpoint API calls (exceptCopyObject andUploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in theCreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption,x-amz-server-side-encryption-aws-kms-key-id,x-amz-server-side-encryption-context, andx-amz-server-side-encryption-bucket-key-enabled) that are specified in theCreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from theCreateSession request to protect new objects in the directory bucket.

      Note: When you use the CLI or the Amazon Web Services SDKs, forCreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for theCreateSession request. It's not supported to override the encryption settings values in theCreateSession request. So in the Zonal endpoint API calls (exceptCopyObject andUploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.
    Possible values include:
    • "AES256"
    • "aws:kms"
    • "aws:kms:dsse"
  • StorageClass — (String)

    By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, seeStorage Classes in theAmazon S3 User Guide.

    Note:

    • For directory buckets, only the S3 Express One Zone storage class is supported to store newly created objects.
    • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
    Possible values include:
    • "STANDARD"
    • "REDUCED_REDUNDANCY"
    • "STANDARD_IA"
    • "ONEZONE_IA"
    • "INTELLIGENT_TIERING"
    • "GLACIER"
    • "DEEP_ARCHIVE"
    • "OUTPOSTS"
    • "GLACIER_IR"
    • "SNOW"
    • "EXPRESS_ONEZONE"
  • WebsiteRedirectLocation — (String)

    If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

    Note: This functionality is not supported for directory buckets.
  • SSECustomerAlgorithm — (String)

    Specifies the algorithm to use when encrypting the object (for example, AES256).

    Note: This functionality is not supported for directory buckets.
  • SSECustomerKey — (Buffer, Typed Array, Blob, String)

    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in thex-amz-server-side-encryption-customer-algorithm header.

    Note: This functionality is not supported for directory buckets.
  • SSECustomerKeyMD5 — (String)

    Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    Note: This functionality is not supported for directory buckets.
  • SSEKMSKeyId — (String)

    Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

    General purpose buckets - If you specifyx-amz-server-side-encryption withaws:kms oraws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specifyx-amz-server-side-encryption:aws:kms orx-amz-server-side-encryption:aws:kms:dsse, but do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

    Directory buckets - If you specifyx-amz-server-side-encryption withaws:kms, the x-amz-server-side-encryption-aws-kms-key-id header is implicitly assigned the ID of the KMS symmetric encryption customer managed key that's configured for your directory bucket's default encryption setting. If you want to specify the x-amz-server-side-encryption-aws-kms-key-id header explicitly, you can only specify it with the ID (Key ID or Key ARN) of the KMS customer managed key that's configured for your directory bucket's default encryption setting. Otherwise, you get an HTTP400 Bad Request error. Only use the key ID or key ARN. The key alias format of the KMS key isn't supported. Your SSE-KMS configuration can only support 1customer managed key per directory bucket for the lifetime of the bucket. TheAmazon Web Services managed key (aws/s3) isn't supported.

  • SSEKMSEncryptionContext — (String)

    Specifies the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs.

    Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

  • BucketKeyEnabled — (Boolean)

    Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

    General purpose buckets - Setting this header totrue causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

    Directory buckets - S3 Bucket Keys are always enabled forGET andPUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, throughCopyObject,UploadPartCopy,the Copy operation in Batch Operations, orthe import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

  • RequestPayer — (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, seeDownloading Objects in Requester Pays Buckets in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "requester"
  • Tagging — (String)

    The tag-set for the object. The tag-set must be encoded as URL Query parameters.

    Note: This functionality is not supported for directory buckets.
  • ObjectLockMode — (String)

    Specifies the Object Lock mode that you want to apply to the uploaded object.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "GOVERNANCE"
    • "COMPLIANCE"
  • ObjectLockRetainUntilDate — (Date)

    Specifies the date and time when you want the Object Lock to expire.

    Note: This functionality is not supported for directory buckets.
  • ObjectLockLegalHoldStatus — (String)

    Specifies whether you want to apply a legal hold to the uploaded object.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "ON"
    • "OFF"
  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

  • ChecksumAlgorithm — (String)

    Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, seeChecking object integrity in theAmazon S3 User Guide.

    Possible values include:
    • "CRC32"
    • "CRC32C"
    • "SHA1"
    • "SHA256"

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • AbortDate — (Date)

      If the bucket has a lifecycle rule configured with an action to abort incomplete multipart uploads and the prefix in the lifecycle rule matches the object name in the request, the response includes this header. The header indicates when the initiated multipart upload becomes eligible for an abort operation. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration in theAmazon S3 User Guide.

      The response also includes thex-amz-abort-rule-id header that provides the ID of the lifecycle configuration rule that defines the abort action.

      Note: This functionality is not supported for directory buckets.
    • AbortRuleId — (String)

      This header is returned along with thex-amz-abort-date header. It identifies the applicable lifecycle configuration rule that defines the action to abort incomplete multipart uploads.

      Note: This functionality is not supported for directory buckets.
    • Bucket — (String)

      The name of the bucket to which the multipart upload was initiated. Does not return the access point ARN or access point alias if used.

      Note: Access points are not supported by directory buckets.
    • Key — (String)

      Object key for which the multipart upload was initiated.

    • UploadId — (String)

      ID for the initiated multipart upload.

    • ServerSideEncryption — (String)

      The server-side encryption algorithm used when you store this object in Amazon S3 (for example,AES256,aws:kms).

      Possible values include:
      • "AES256"
      • "aws:kms"
      • "aws:kms:dsse"
    • SSECustomerAlgorithm — (String)

      If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used.

      Note: This functionality is not supported for directory buckets.
    • SSECustomerKeyMD5 — (String)

      If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key.

      Note: This functionality is not supported for directory buckets.
    • SSEKMSKeyId — (String)

      If present, indicates the ID of the KMS key that was used for object encryption.

    • SSEKMSEncryptionContext — (String)

      If present, indicates the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs.

    • BucketKeyEnabled — (Boolean)

      Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption with Key Management Service (KMS) keys (SSE-KMS).

    • RequestCharged — (String)

      If present, indicates that the requester was successfully charged for the request.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "requester"
    • ChecksumAlgorithm — (String)

      The algorithm that was used to create a checksum of the object.

      Possible values include:
      • "CRC32"
      • "CRC32C"
      • "SHA1"
      • "SHA256"

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'bucket',  Fields: {    key: 'key'  }};s3.createPresignedPost(params, function(err, data) {  if (err) {    console.error('Presigning post data encountered an error', err);  } else {    console.log('The post data is', data);  }});

var params = {  Bucket: 'bucket',  Conditions: [    ['starts-with', '$key', 'path/to/uploads/']  ]};s3.createPresignedPost(params, function(err, data) {  if (err) {    console.error('Presigning post data encountered an error', err);  } else {    data.Fields.key = 'path/to/uploads/${filename}';    console.log('The post data is', data);  }});

Parameters:

• params(map)
• callback(Function)

Callback (callback):

• function(err, data) { ... }

  Parameters:

  • err(Error) —

    the error object returned from the policy signer

  • data(map) —

    The data necessary to construct an HTML form

  • data.url(String) —

    The URL to use as the action of the form

  • data.fields(map) —

    A hash of fields that must be included in theform for the upload to succeed. This hash willinclude the signed POST policy, your access keyID and security token (if present), etc. Thesemay be safely included as input elements of type'hidden.'

Options Hash (params):

• Bucket(String) —

  The bucket to which the post should beuploaded

• Expires(Integer) — default:3600 —

  The number of seconds for whichthe presigned policy should be valid.

• Conditions(Array) —

  An array of conditions that must be metfor the presigned policy to allow theupload. This can include required tags,the accepted range for content lengths,etc.

• Fields(map) —

  Fields to include in the form. Allvalues passed in as fields will besigned as exact match conditions.

Returns:

• (map) —

  If called synchronously (with no callback), returns a hashwith the url to set as the form action and a hash of fieldsto include in the form.

• (null) —

  Nothing is returned if a callback is provided.

See Also:

• http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html

var params = {  Bucket: 'STRING_VALUE', /* required */  BucketKeyEnabled: true || false,  SSEKMSEncryptionContext: 'STRING_VALUE',  SSEKMSKeyId: 'STRING_VALUE',  ServerSideEncryption: AES256 | aws:kms | aws:kms:dsse,  SessionMode: ReadOnly | ReadWrite};s3.createSession(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • SessionMode — (String)

    Specifies the mode of the session that will be created, eitherReadWrite orReadOnly. By default, aReadWrite session is created. AReadWrite session is capable of executing all the Zonal endpoint API operations on a directory bucket. AReadOnly session is constrained to execute the following Zonal endpoint API operations:GetObject,HeadObject,ListObjectsV2,GetObjectAttributes,ListParts, andListMultipartUploads.

    Possible values include:
    • "ReadOnly"
    • "ReadWrite"
  • Bucket — (String)

    The name of the bucket that you create a session for.

  • ServerSideEncryption — (String)

    The server-side encryption algorithm to use when you store objects in the directory bucket.

    For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). By default, Amazon S3 encrypts data with SSE-S3. For more information, seeProtecting data with server-side encryption in theAmazon S3 User Guide.

    Possible values include:
    • "AES256"
    • "aws:kms"
    • "aws:kms:dsse"
  • SSEKMSKeyId — (String)

    If you specifyx-amz-server-side-encryption withaws:kms, you must specify the x-amz-server-side-encryption-aws-kms-key-id header with the ID (Key ID or Key ARN) of the KMS symmetric encryption customer managed key to use. Otherwise, you get an HTTP400 Bad Request error. Only use the key ID or key ARN. The key alias format of the KMS key isn't supported. Also, if the KMS key doesn't exist in the same account that't issuing the command, you must use the full Key ARN not the Key ID.

    Your SSE-KMS configuration can only support 1customer managed key per directory bucket for the lifetime of the bucket. TheAmazon Web Services managed key (aws/s3) isn't supported.

  • SSEKMSEncryptionContext — (String)

    Specifies the Amazon Web Services KMS Encryption Context as an additional encryption context to use for object encryption. The value of this header is a Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to Amazon Web Services KMS for futureGetObject operations on this object.

    General purpose buckets - This value must be explicitly added duringCopyObject operations if you want an additional encryption context for your object. For more information, seeEncryption context in theAmazon S3 User Guide.

    Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

  • BucketKeyEnabled — (Boolean)

    Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using KMS keys (SSE-KMS).

    S3 Bucket Keys are always enabled forGET andPUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, throughCopyObject,UploadPartCopy,the Copy operation in Batch Operations, orthe import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • ServerSideEncryption — (String)

      The server-side encryption algorithm used when you store objects in the directory bucket.

      Possible values include:
      • "AES256"
      • "aws:kms"
      • "aws:kms:dsse"
    • SSEKMSKeyId — (String)

      If you specifyx-amz-server-side-encryption withaws:kms, this header indicates the ID of the KMS symmetric encryption customer managed key that was used for object encryption.

    • SSEKMSEncryptionContext — (String)

      If present, indicates the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to Amazon Web Services KMS for futureGetObject operations on this object.

    • BucketKeyEnabled — (Boolean)

      Indicates whether to use an S3 Bucket Key for server-side encryption with KMS keys (SSE-KMS).

    • Credentials — (map)

      The established temporary security credentials for the created session.

      • AccessKeyId —required — (String)

        A unique identifier that's associated with a secret access key. The access key ID and the secret access key are used together to sign programmatic Amazon Web Services requests cryptographically.

      • SecretAccessKey —required — (String)

        A key that's used with the access key ID to cryptographically sign programmatic Amazon Web Services requests. Signing a request identifies the sender and prevents the request from being altered.

      • SessionToken —required — (String)

        A part of the temporary security credentials. The session token is used to validate the temporary security credentials.

      • Expiration —required — (Date)

        Temporary security credentials expire after a specified interval. After temporary credentials expire, any calls that you make with those credentials will fail. So you must generate a new set of temporary credentials. Temporary credentials cannot be extended or refreshed beyond the original specified interval.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes the specified bucket. */ var params = {  Bucket: "forrandall2" }; s3.deleteBucket(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucket(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    Specifies the bucket being deleted.

    Directory buckets - When you use this operation with a directory bucket, you must use path-style requests in the formathttps://s3express-control.region_code.amazonaws.com/bucket-name. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must also follow the formatbucket_base_name--az_id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

    Note: For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code501 Not Implemented.

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'STRING_VALUE', /* required */  Id: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketAnalyticsConfiguration(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The name of the bucket from which an analytics configuration is deleted.

  • Id — (String)

    The ID that identifies the analytics configuration.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes CORS configuration on a bucket. */ var params = {  Bucket: "examplebucket" }; s3.deleteBucketCors(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketCors(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    Specifies the bucket whosecors configuration is being deleted.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketEncryption(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The name of the bucket containing the server-side encryption configuration to delete.

    Directory buckets - When you use this operation with a directory bucket, you must use path-style requests in the formathttps://s3express-control.region_code.amazonaws.com/bucket-name. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must also follow the formatbucket_base_name--az_id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

    Note: For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code501 Not Implemented.

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'STRING_VALUE', /* required */  Id: 'STRING_VALUE' /* required */};s3.deleteBucketIntelligentTieringConfiguration(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The name of the Amazon S3 bucket whose configuration you want to modify or retrieve.

  • Id — (String)

    The ID used to identify the S3 Intelligent-Tiering configuration.

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'STRING_VALUE', /* required */  Id: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketInventoryConfiguration(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The name of the bucket containing the inventory configuration to delete.

  • Id — (String)

    The ID used to identify the inventory configuration.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes lifecycle configuration on a bucket. */ var params = {  Bucket: "examplebucket" }; s3.deleteBucketLifecycle(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketLifecycle(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name of the lifecycle to delete.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'STRING_VALUE', /* required */  Id: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketMetricsConfiguration(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The name of the bucket containing the metrics configuration to delete.

  • Id — (String)

    The ID used to identify the metrics configuration. The ID has a 64 character limit and can only contain letters, numbers, periods, dashes, and underscores.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketOwnershipControls(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The Amazon S3 bucket whoseOwnershipControls you want to delete.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes bucket policy on the specified bucket. */ var params = {  Bucket: "examplebucket" }; s3.deleteBucketPolicy(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketPolicy(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name.

    Directory buckets - When you use this operation with a directory bucket, you must use path-style requests in the formathttps://s3express-control.region_code.amazonaws.com/bucket-name. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must also follow the formatbucket_base_name--az_id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

    Note: For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code501 Not Implemented.

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes replication configuration set on bucket. */ var params = {  Bucket: "example" }; s3.deleteBucketReplication(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketReplication(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes bucket tags. */ var params = {  Bucket: "examplebucket" }; s3.deleteBucketTagging(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketTagging(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket that has the tag set to be removed.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes bucket website configuration. */ var params = {  Bucket: "examplebucket" }; s3.deleteBucketWebsite(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response });

var params = {  Bucket: 'STRING_VALUE', /* required */  ExpectedBucketOwner: 'STRING_VALUE'};s3.deleteBucketWebsite(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name for which you want to remove the website configuration.

  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes an object from a non-versioned bucket. */ var params = {  Bucket: "ExampleBucket",   Key: "HappyFace.jpg" }; s3.deleteObject(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {   }   */ });

/* The following example deletes an object from an S3 bucket. */ var params = {  Bucket: "examplebucket",   Key: "objectkey.jpg" }; s3.deleteObject(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  Key: 'STRING_VALUE', /* required */  BypassGovernanceRetention: true || false,  ExpectedBucketOwner: 'STRING_VALUE',  MFA: 'STRING_VALUE',  RequestPayer: requester,  VersionId: 'STRING_VALUE'};s3.deleteObject(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name of the bucket containing the object.

    Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the formatBucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the formatbucket_base_name--az-id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide.

    Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the formAccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, seeUsing access points in theAmazon S3 User Guide.

    Note: Access points and Object Lambda access points are not supported by directory buckets.

    S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the formAccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, seeWhat is S3 on Outposts? in theAmazon S3 User Guide.

  • Key — (String)

    Key name of the object to delete.

  • MFA — (String)

    The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled.

    Note: This functionality is not supported for directory buckets.
  • VersionId — (String)

    Version ID used to reference a specific version of the object.

    Note: For directory buckets in this API operation, only thenull value of the version ID is supported.
  • RequestPayer — (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, seeDownloading Objects in Requester Pays Buckets in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "requester"
  • BypassGovernanceRetention — (Boolean)

    Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have thes3:BypassGovernanceRetention permission.

    Note: This functionality is not supported for directory buckets.
  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • DeleteMarker — (Boolean)

      Indicates whether the specified object version that was permanently deleted was (true) or was not (false) a delete marker before deletion. In a simple DELETE, this header indicates whether (true) or not (false) the current version of the object is a delete marker.

      Note: This functionality is not supported for directory buckets.
    • VersionId — (String)

      Returns the version ID of the delete marker created as a result of the DELETE operation.

      Note: This functionality is not supported for directory buckets.
    • RequestCharged — (String)

      If present, indicates that the requester was successfully charged for the request.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "requester"

Returns:

• (AWS.Request) —

  a handle to the operation request forsubsequent event callback registration.

/* The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker. */ var params = {  Bucket: "examplebucket",   Delete: {   Objects: [      {     Key: "objectkey1"    },       {     Key: "objectkey2"    }   ],    Quiet: false  } }; s3.deleteObjects(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    Deleted: [       {      DeleteMarker: true,       DeleteMarkerVersionId: "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F",       Key: "objectkey1"     },        {      DeleteMarker: true,       DeleteMarkerVersionId: "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt",       Key: "objectkey2"     }    ]   }   */ });

/* The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object versions and returns the key and versions of deleted objects in the response. */ var params = {  Bucket: "examplebucket",   Delete: {   Objects: [      {     Key: "HappyFace.jpg",      VersionId: "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b"    },       {     Key: "HappyFace.jpg",      VersionId: "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd"    }   ],    Quiet: false  } }; s3.deleteObjects(params, function(err, data) {   if (err) console.log(err, err.stack); // an error occurred   else     console.log(data);           // successful response   /*   data = {    Deleted: [       {      Key: "HappyFace.jpg",       VersionId: "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd"     },        {      Key: "HappyFace.jpg",       VersionId: "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b"     }    ]   }   */ });

var params = {  Bucket: 'STRING_VALUE', /* required */  Delete: { /* required */    Objects: [ /* required */      {        Key: 'STRING_VALUE', /* required */        VersionId: 'STRING_VALUE'      },      /* more items */    ],    Quiet: true || false  },  BypassGovernanceRetention: true || false,  ChecksumAlgorithm: CRC32 | CRC32C | SHA1 | SHA256,  ExpectedBucketOwner: 'STRING_VALUE',  MFA: 'STRING_VALUE',  RequestPayer: requester};s3.deleteObjects(params, function(err, data) {  if (err) console.log(err, err.stack); // an error occurred  else     console.log(data);           // successful response});

Parameters:

• params(Object)(defaults to:{}) —
  • Bucket — (String)

    The bucket name containing the objects to delete.

    Directory buckets - When you use this operation with a directory bucket, you must use virtual-hosted-style requests in the formatBucket_name.s3express-az_id.region.amazonaws.com. Path-style requests are not supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must follow the formatbucket_base_name--az-id--x-s3 (for example,DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, seeDirectory bucket naming rules in theAmazon S3 User Guide.

    Access points - When you use this action with an access point, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the formAccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, seeUsing access points in theAmazon S3 User Guide.

    Note: Access points and Object Lambda access points are not supported by directory buckets.

    S3 on Outposts - When you use this action with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the formAccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When you use this action with S3 on Outposts through the Amazon Web Services SDKs, you provide the Outposts access point ARN in place of the bucket name. For more information about S3 on Outposts ARNs, seeWhat is S3 on Outposts? in theAmazon S3 User Guide.

  • Delete — (map)

    Container for the request.

    • Objects —required — (Array<map>)

      The object to delete.

      Note:Directory buckets - For directory buckets, an object that's composed entirely of whitespace characters is not supported by theDeleteObjects API operation. The request will receive a400 Bad Request error and none of the objects in the request will be deleted.
      • Key —required — (String)

        Key name of the object.

        Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

      • VersionId — (String)

        Version ID for the specific version of the object to delete.

        Note: This functionality is not supported for directory buckets.
    • Quiet — (Boolean)

      Element to enable quiet mode for the request. When you add this element, you must set its value totrue.

  • MFA — (String)

    The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled.

    When performing theDeleteObjects operation on an MFA delete enabled bucket, which attempts to delete the specified versioned objects, you must include an MFA token. If you don't provide an MFA token, the entire request will fail, even if there are non-versioned objects that you are trying to delete. If you provide an invalid token, whether there are versioned object keys in the request or not, the entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA Delete in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
  • RequestPayer — (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for corresponding charges to copy the object. For information about downloading objects from Requester Pays buckets, seeDownloading Objects in Requester Pays Buckets in theAmazon S3 User Guide.

    Note: This functionality is not supported for directory buckets.
    Possible values include:
    • "requester"
  • BypassGovernanceRetention — (Boolean)

    Specifies whether you want to delete this object even if it has a Governance-type Object Lock in place. To use this header, you must have thes3:BypassGovernanceRetention permission.

    Note: This functionality is not supported for directory buckets.
  • ExpectedBucketOwner — (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code403 Forbidden (access denied).

  • ChecksumAlgorithm — (String)

    Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a correspondingx-amz-checksum-algorithm orx-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code400 Bad Request.

    For thex-amz-checksum-algorithm header, replacealgorithm with the supported algorithm from the following list:

    • CRC32

    • CRC32C

    • SHA1

    • SHA256

    For more information, seeChecking object integrity in theAmazon S3 User Guide.

    If the individual checksum value you provide throughx-amz-checksum-algorithm doesn't match the checksum algorithm you set throughx-amz-sdk-checksum-algorithm, Amazon S3 ignores any providedChecksumAlgorithm parameter and uses the checksum algorithm that matches the provided value inx-amz-checksum-algorithm.

    If you provide an individual checksum, Amazon S3 ignores any providedChecksumAlgorithm parameter.

    Possible values include:
    • "CRC32"
    • "CRC32C"
    • "SHA1"
    • "SHA256"

Callback (callback):

• function(err, data) { ... }

  Called when a response from the service is returned. If acallback is not supplied, you must callAWS.Request.send()on the returned request object to initiate the request.

  Context (this):

  • (AWS.Response) —

    the response object containing error, data properties, and the original request object.

  Parameters:

  • err(Error) —

    the error object returned from the request.Set tonull if the request is successful.

  • data(Object) —

    the de-serialized data returned fromthe request. Set tonull if a request error occurs.Thedata object has the following properties:

    • Deleted — (Array<map>)

      Container element for a successful delete. It identifies the object that was successfully deleted.

      • Key — (String)

        The name of the deleted object.

      • VersionId — (String)

        The version ID of the deleted object.

        Note: This functionality is not supported for directory buckets.
      • DeleteMarker — (Boolean)

        Indicates whether the specified object version that was permanently deleted was (true) or was not (false) a delete marker before deletion. In a simple DELETE, this header indicates whether (true) or not (false) the current version of the object is a delete marker.

        Note: This functionality is not supported for directory buckets.
      • DeleteMarkerVersionId — (String)

        The version ID of the delete marker created as a result of the DELETE operation. If you delete a specific object version, the value returned by this header is the version ID of the object version deleted.

        Note: This functionality is not supported for directory buckets.
    • RequestCharged — (String)

      If present, indicates that the requester was successfully charged for the request.

      Note: This functionality is not supported for directory buckets.
      Possible values include:
      • "requester"
    • Errors — (Array<map>)

      Container for a failed delete action that describes the object that Amazon S3 attempted to delete and the error it encountered.

      • Key — (String)

        The error key.

      • VersionId — (String)

        The version ID of the error.

        Note: This functionality is not supported for directory buckets.
      • Code — (String)

        The error code is a string that uniquely identifies an error condition. It is meant to be read and understood by programs that detect and handle errors by type. The following is a list of Amazon S3 error codes. For more information, seeError responses.

        • • Code: AccessDenied

          • Description: Access Denied

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: AccountProblem

          • Description: There is a problem with your Amazon Web Services account that prevents the action from completing successfully. Contact Amazon Web Services Support for further assistance.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: AllAccessDisabled

          • Description: All access to this Amazon S3 resource has been disabled. Contact Amazon Web Services Support for further assistance.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: AmbiguousGrantByEmailAddress

          • Description: The email address you provided is associated with more than one account.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: AuthorizationHeaderMalformed

          • Description: The authorization header you provided is invalid.

          • HTTP Status Code: 400 Bad Request

          • HTTP Status Code: N/A

        • • Code: BadDigest

          • Description: The Content-MD5 you specified did not match what we received.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: BucketAlreadyExists

          • Description: The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.

          • HTTP Status Code: 409 Conflict

          • SOAP Fault Code Prefix: Client

        • • Code: BucketAlreadyOwnedByYou

          • Description: The bucket you tried to create already exists, and you own it. Amazon S3 returns this error in all Amazon Web Services Regions except in the North Virginia Region. For legacy compatibility, if you re-create an existing bucket that you already own in the North Virginia Region, Amazon S3 returns 200 OK and resets the bucket access control lists (ACLs).

          • Code: 409 Conflict (in all Regions except the North Virginia Region)

          • SOAP Fault Code Prefix: Client

        • • Code: BucketNotEmpty

          • Description: The bucket you tried to delete is not empty.

          • HTTP Status Code: 409 Conflict

          • SOAP Fault Code Prefix: Client

        • • Code: CredentialsNotSupported

          • Description: This request does not support credentials.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: CrossLocationLoggingProhibited

          • Description: Cross-location logging not allowed. Buckets in one geographic location cannot log information to a bucket in another location.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: EntityTooSmall

          • Description: Your proposed upload is smaller than the minimum allowed object size.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: EntityTooLarge

          • Description: Your proposed upload exceeds the maximum allowed object size.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: ExpiredToken

          • Description: The provided token has expired.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: IllegalVersioningConfigurationException

          • Description: Indicates that the versioning configuration specified in the request is invalid.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: IncompleteBody

          • Description: You did not provide the number of bytes specified by the Content-Length HTTP header

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: IncorrectNumberOfFilesInPostRequest

          • Description: POST requires exactly one file upload per request.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InlineDataTooLarge

          • Description: Inline data exceeds the maximum allowed size.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InternalError

          • Description: We encountered an internal error. Please try again.

          • HTTP Status Code: 500 Internal Server Error

          • SOAP Fault Code Prefix: Server

        • • Code: InvalidAccessKeyId

          • Description: The Amazon Web Services access key ID you provided does not exist in our records.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidAddressingHeader

          • Description: You must specify the Anonymous role.

          • HTTP Status Code: N/A

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidArgument

          • Description: Invalid Argument

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidBucketName

          • Description: The specified bucket is not valid.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidBucketState

          • Description: The request is not valid with the current state of the bucket.

          • HTTP Status Code: 409 Conflict

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidDigest

          • Description: The Content-MD5 you specified is not valid.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidEncryptionAlgorithmError

          • Description: The encryption request you specified is not valid. The valid value is AES256.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidLocationConstraint

          • Description: The specified location constraint is not valid. For more information about Regions, seeHow to Select a Region for Your Buckets.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidObjectState

          • Description: The action is not valid for the current state of the object.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidPart

          • Description: One or more of the specified parts could not be found. The part might not have been uploaded, or the specified entity tag might not have matched the part's entity tag.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidPartOrder

          • Description: The list of parts was not in ascending order. Parts list must be specified in order by part number.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidPayer

          • Description: All access to this object has been disabled. Please contact Amazon Web Services Support for further assistance.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidPolicyDocument

          • Description: The content of the form does not meet the conditions specified in the policy document.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidRange

          • Description: The requested range cannot be satisfied.

          • HTTP Status Code: 416 Requested Range Not Satisfiable

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidRequest

          • Description: Please useAWS4-HMAC-SHA256.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: SOAP requests must be made over an HTTPS connection.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Acceleration is not supported for buckets with non-DNS compliant names.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Acceleration is not supported for buckets with periods (.) in their names.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Accelerate endpoint only supports virtual style requests.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Accelerate is not configured on this bucket.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Accelerate is disabled on this bucket.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Acceleration is not supported on this bucket. Contact Amazon Web Services Support for more information.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidRequest

          • Description: Amazon S3 Transfer Acceleration cannot be enabled on this bucket. Contact Amazon Web Services Support for more information.

          • HTTP Status Code: 400 Bad Request

          • Code: N/A

        • • Code: InvalidSecurity

          • Description: The provided security credentials are not valid.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidSOAPRequest

          • Description: The SOAP request body is invalid.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidStorageClass

          • Description: The storage class you specified is not valid.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidTargetBucketForLogging

          • Description: The target bucket for logging does not exist, is not owned by you, or does not have the appropriate grants for the log-delivery group.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidToken

          • Description: The provided token is malformed or otherwise invalid.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: InvalidURI

          • Description: Couldn't parse the specified URI.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: KeyTooLongError

          • Description: Your key is too long.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MalformedACLError

          • Description: The XML you provided was not well-formed or did not validate against our published schema.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MalformedPOSTRequest

          • Description: The body of your POST request is not well-formed multipart/form-data.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MalformedXML

          • Description: This happens when the user sends malformed XML (XML that doesn't conform to the published XSD) for the configuration. The error message is, "The XML you provided was not well-formed or did not validate against our published schema."

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MaxMessageLengthExceeded

          • Description: Your request was too big.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MaxPostPreDataLengthExceededError

          • Description: Your POST request fields preceding the upload file were too large.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MetadataTooLarge

          • Description: Your metadata headers exceed the maximum allowed metadata size.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MethodNotAllowed

          • Description: The specified method is not allowed against this resource.

          • HTTP Status Code: 405 Method Not Allowed

          • SOAP Fault Code Prefix: Client

        • • Code: MissingAttachment

          • Description: A SOAP attachment was expected, but none were found.

          • HTTP Status Code: N/A

          • SOAP Fault Code Prefix: Client

        • • Code: MissingContentLength

          • Description: You must provide the Content-Length HTTP header.

          • HTTP Status Code: 411 Length Required

          • SOAP Fault Code Prefix: Client

        • • Code: MissingRequestBodyError

          • Description: This happens when the user sends an empty XML document as a request. The error message is, "Request body is empty."

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MissingSecurityElement

          • Description: The SOAP 1.1 request is missing a security element.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: MissingSecurityHeader

          • Description: Your request is missing a required header.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: NoLoggingStatusForKey

          • Description: There is no such thing as a logging status subresource for a key.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: NoSuchBucket

          • Description: The specified bucket does not exist.

          • HTTP Status Code: 404 Not Found

          • SOAP Fault Code Prefix: Client

        • • Code: NoSuchBucketPolicy

          • Description: The specified bucket does not have a bucket policy.

          • HTTP Status Code: 404 Not Found

          • SOAP Fault Code Prefix: Client

        • • Code: NoSuchKey

          • Description: The specified key does not exist.

          • HTTP Status Code: 404 Not Found

          • SOAP Fault Code Prefix: Client

        • • Code: NoSuchLifecycleConfiguration

          • Description: The lifecycle configuration does not exist.

          • HTTP Status Code: 404 Not Found

          • SOAP Fault Code Prefix: Client

        • • Code: NoSuchUpload

          • Description: The specified multipart upload does not exist. The upload ID might be invalid, or the multipart upload might have been aborted or completed.

          • HTTP Status Code: 404 Not Found

          • SOAP Fault Code Prefix: Client

        • • Code: NoSuchVersion

          • Description: Indicates that the version ID specified in the request does not match an existing version.

          • HTTP Status Code: 404 Not Found

          • SOAP Fault Code Prefix: Client

        • • Code: NotImplemented

          • Description: A header you provided implies functionality that is not implemented.

          • HTTP Status Code: 501 Not Implemented

          • SOAP Fault Code Prefix: Server

        • • Code: NotSignedUp

          • Description: Your account is not signed up for the Amazon S3 service. You must sign up before you can use Amazon S3. You can sign up at the following URL:Amazon S3

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: OperationAborted

          • Description: A conflicting conditional action is currently in progress against this resource. Try again.

          • HTTP Status Code: 409 Conflict

          • SOAP Fault Code Prefix: Client

        • • Code: PermanentRedirect

          • Description: The bucket you are attempting to access must be addressed using the specified endpoint. Send all future requests to this endpoint.

          • HTTP Status Code: 301 Moved Permanently

          • SOAP Fault Code Prefix: Client

        • • Code: PreconditionFailed

          • Description: At least one of the preconditions you specified did not hold.

          • HTTP Status Code: 412 Precondition Failed

          • SOAP Fault Code Prefix: Client

        • • Code: Redirect

          • Description: Temporary redirect.

          • HTTP Status Code: 307 Moved Temporarily

          • SOAP Fault Code Prefix: Client

        • • Code: RestoreAlreadyInProgress

          • Description: Object restore is already in progress.

          • HTTP Status Code: 409 Conflict

          • SOAP Fault Code Prefix: Client

        • • Code: RequestIsNotMultiPartContent

          • Description: Bucket POST must be of the enclosure-type multipart/form-data.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: RequestTimeout

          • Description: Your socket connection to the server was not read from or written to within the timeout period.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: RequestTimeTooSkewed

          • Description: The difference between the request time and the server's time is too large.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: RequestTorrentOfBucketError

          • Description: Requesting the torrent file of a bucket is not permitted.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: SignatureDoesNotMatch

          • Description: The request signature we calculated does not match the signature you provided. Check your Amazon Web Services secret access key and signing method. For more information, seeREST Authentication andSOAP Authentication for details.

          • HTTP Status Code: 403 Forbidden

          • SOAP Fault Code Prefix: Client

        • • Code: ServiceUnavailable

          • Description: Service is unable to handle request.

          • HTTP Status Code: 503 Service Unavailable

          • SOAP Fault Code Prefix: Server

        • • Code: SlowDown

          • Description: Reduce your request rate.

          • HTTP Status Code: 503 Slow Down

          • SOAP Fault Code Prefix: Server

        • • Code: TemporaryRedirect

          • Description: You are being redirected to the bucket while DNS updates.

          • HTTP Status Code: 307 Moved Temporarily

          • SOAP Fault Code Prefix: Client

        • • Code: TokenRefreshRequired

          • Description: The provided token must be refreshed.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: TooManyBuckets

          • Description: You have attempted to create more buckets than allowed.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: UnexpectedContent

          • Description: This request does not support content.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: UnresolvableGrantByEmailAddress

          • Description: The email address you provided does not match any account on record.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

        • • Code: UserKeyMustBeSpecified

          • Description: The bucket POST must contain the specified field name. If it is specified, check the order of the fields.

          • HTTP Status Code: 400 Bad Request

          • SOAP Fault Code Prefix: Client

      • Message — (String)

        The error message contains a generic description of the error condition in English. It is intended for a human audience. Simple programs display the message directly to the end user if they encounter an error condition they don't know how or don't care to handle. Sophisticated programs with more exhaustive error handling and proper internationalization are more likely to ignore the error message.