aws-sdk-transfer 1.16.0 → 1.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a3cd7c542cb28a93bf0941b472319129cc139f56
-  data.tar.gz: 57a2ed8cc1a05c0eefa50492a1f4254348aac9d3
+SHA256:
+  metadata.gz: 67a0c6b2bf618b9a8b340f195400c14b6e421127dd8685ee7378e717d3def22d
+  data.tar.gz: aa5b8280984fc5a26d203eee779be235dedbe519e10884a510fba4173bec12c6
 SHA512:
-  metadata.gz: 62ddd3eab3a8ee29c2fb1c47ad22a03e89d290b7ef07d30e85606aad5d37972383ebb09bda13c7341cffcd0f6b9492043f40302dd6bd15b02fb82ea90e5ca423
-  data.tar.gz: 00ba9c719d7aee275596b10ed2dbf6ed5e1b447b140b28d3038fe3e6c733ab7c4a834d7b9a3cfdc2ca64024507f129027ba138464119266820e76b673b7fee67
+  metadata.gz: df790f8da05a6e03ad6820ef5820c3255766e0665796f621182aea1a544ff8f6fb43fb634331a3af4fb97048045db4aef8a36c4deae8b0a46c9cf36a830d4dd8
+  data.tar.gz: f85dde748a522956bfe04dc61debbc644e8e78d0e56549b901302e62ae60da1271e35a9b5687f27177838176167ca1e98471d770ecdd4b3eda6ffcf65cc10e45

data/lib/aws-sdk-transfer.rb

@@ -15,7 +15,7 @@ require_relative 'aws-sdk-transfer/errors'
 require_relative 'aws-sdk-transfer/resource'
 require_relative 'aws-sdk-transfer/customizations'
 
-# This module provides support for AWS Transfer for SFTP. This module is available in the
+# This module provides support for AWS Transfer Family. This module is available in the
 # `aws-sdk-transfer` gem.
 #
 # # Client
@@ -24,17 +24,20 @@ require_relative 'aws-sdk-transfer/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     transfer = Aws::Transfer::Client.new
+#     resp = transfer.create_server(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from AWS Transfer for SFTP all
-# extend {Errors::ServiceError}.
+# Errors returned from AWS Transfer Family are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::Transfer::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all AWS Transfer Family API errors
 #     end
 #
 # See {Errors} for more information.
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-transfer/customizations'
 # @service
 module Aws::Transfer
 
-  GEM_VERSION = '1.16.0'
+  GEM_VERSION = '1.21.0'
 
 end

data/lib/aws-sdk-transfer/client.rb

@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 Aws::Plugins::GlobalConfiguration.add_identifier(:transfer)
 
 module Aws::Transfer
+  # An API client for Transfer.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::Transfer::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -93,7 +105,7 @@ module Aws::Transfer
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +120,12 @@ module Aws::Transfer
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +150,10 @@ module Aws::Transfer
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +161,7 @@ module Aws::Transfer
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +176,7 @@ module Aws::Transfer
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +188,29 @@ module Aws::Transfer
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +218,30 @@ module Aws::Transfer
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -219,16 +274,15 @@ module Aws::Transfer
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -237,7 +291,7 @@ module Aws::Transfer
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -264,58 +318,140 @@ module Aws::Transfer
 
     # @!group API Operations
 
-    # Instantiates an autoscaling virtual server based on Secure File
-    # Transfer Protocol (SFTP) in AWS. When you make updates to your server
-    # or when you work with users, use the service-generated `ServerId`
-    # property that is assigned to the newly created server.
+    # Instantiates an autoscaling virtual server based on the selected file
+    # transfer protocol in AWS. When you make updates to your file transfer
+    # protocol-enabled server or when you work with users, use the
+    # service-generated `ServerId` property that is assigned to the newly
+    # created server.
+    #
+    # @option params [String] :certificate
+    #   The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
+    #   certificate. Required when `Protocols` is set to `FTPS`.
+    #
+    #   To request a new public certificate, see [Request a public
+    #   certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
+    #
+    #   To import an existing certificate into ACM, see [Importing
+    #   certificates into ACM][2] in the <i> AWS Certificate Manager User
+    #   Guide</i>.
+    #
+    #   To request a private certificate to use FTPS through private IP
+    #   addresses, see [Request a private certificate][3] in the <i> AWS
+    #   Certificate Manager User Guide</i>.
+    #
+    #   Certificates with the following cryptographic algorithms and key sizes
+    #   are supported:
+    #
+    #   * 2048-bit RSA (RSA\_2048)
+    #
+    #   * 4096-bit RSA (RSA\_4096)
+    #
+    #   * Elliptic Prime Curve 256 bit (EC\_prime256v1)
+    #
+    #   * Elliptic Prime Curve 384 bit (EC\_secp384r1)
+    #
+    #   * Elliptic Prime Curve 521 bit (EC\_secp521r1)
+    #
+    #   <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
+    #   with FQDN or IP address specified and information about the issuer.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
+    #   [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
     #
     # @option params [Types::EndpointDetails] :endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are configured
-    #   for your SFTP server. With a VPC endpoint, you can restrict access to
-    #   your SFTP server to resources only within your VPC. To control
-    #   incoming internet traffic, you will need to invoke the `UpdateServer`
-    #   API and attach an Elastic IP to your server's endpoint.
+    #   for your file transfer protocol-enabled server. When you host your
+    #   endpoint within your VPC, you can make it accessible only to resources
+    #   within your VPC, or you can attach Elastic IPs and make it accessible
+    #   to clients over the internet. Your VPC's default security groups are
+    #   automatically assigned to your endpoint.
     #
     # @option params [String] :endpoint_type
-    #   The type of VPC endpoint that you want your SFTP server to connect to.
-    #   You can choose to connect to the public internet or a virtual private
-    #   cloud (VPC) endpoint. With a VPC endpoint, you can restrict access to
-    #   your SFTP server and resources only within your VPC.
+    #   The type of VPC endpoint that you want your file transfer
+    #   protocol-enabled server to connect to. You can choose to connect to
+    #   the public internet or a VPC endpoint. With a VPC endpoint, you can
+    #   restrict access to your server and resources only within your VPC.
+    #
+    #   <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
+    #   endpoint type, you have the option to directly associate up to three
+    #   Elastic IPv4 addresses (BYO IP included) with your server's endpoint
+    #   and use VPC security groups to restrict traffic by the client's
+    #   public IP address. This is not possible with `EndpointType` set to
+    #   `VPC_ENDPOINT`.
+    #
+    #    </note>
     #
     # @option params [String] :host_key
-    #   The RSA private key as generated by the `ssh-keygen -N "" -f
+    #   The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
     #   my-new-server-key` command.
     #
     #   If you aren't planning to migrate existing users from an existing
-    #   SFTP server to a new AWS SFTP server, don't update the host key.
+    #   SFTP-enabled server to a new server, don't update the host key.
     #   Accidentally changing a server's host key can be disruptive.
     #
-    #   For more information, see
-    #   "https://alpha-docs-aws.amazon.com/transfer/latest/userguide/configuring-servers.html#change-host-key"
-    #   in the *AWS SFTP User Guide.*
+    #   For more information, see [Change the host key for your SFTP-enabled
+    #   server][1] in the *AWS Transfer Family User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
     #
     # @option params [Types::IdentityProviderDetails] :identity_provider_details
-    #   This parameter is required when the `IdentityProviderType` is set to
-    #   `API_GATEWAY`. Accepts an array containing all of the information
-    #   required to call a customer-supplied authentication API, including the
-    #   API Gateway URL. This property is not required when the
-    #   `IdentityProviderType` is set to `SERVICE_MANAGED`.
+    #   Required when `IdentityProviderType` is set to `API_GATEWAY`. Accepts
+    #   an array containing all of the information required to call a
+    #   customer-supplied authentication API, including the API Gateway URL.
+    #   Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`.
     #
     # @option params [String] :identity_provider_type
-    #   Specifies the mode of authentication for the SFTP server. The default
-    #   value is `SERVICE_MANAGED`, which allows you to store and access SFTP
-    #   user credentials within the AWS Transfer for SFTP service. Use the
-    #   `API_GATEWAY` value to integrate with an identity provider of your
-    #   choosing. The `API_GATEWAY` setting requires you to provide an API
-    #   Gateway endpoint URL to call for authentication using the
-    #   `IdentityProviderDetails` parameter.
+    #   Specifies the mode of authentication for a file transfer
+    #   protocol-enabled server. The default value is `SERVICE_MANAGED`, which
+    #   allows you to store and access user credentials within the AWS
+    #   Transfer Family service. Use the `API_GATEWAY` value to integrate with
+    #   an identity provider of your choosing. The `API_GATEWAY` setting
+    #   requires you to provide an API Gateway endpoint URL to call for
+    #   authentication using the `IdentityProviderDetails` parameter.
     #
     # @option params [String] :logging_role
-    #   A value that allows the service to write your SFTP users' activity to
-    #   your Amazon CloudWatch logs for monitoring and auditing purposes.
+    #   Allows the service to write your users' activity to your Amazon
+    #   CloudWatch logs for monitoring and auditing purposes.
+    #
+    # @option params [Array<String>] :protocols
+    #   Specifies the file transfer protocol or protocols over which your file
+    #   transfer protocol client can connect to your server's endpoint. The
+    #   available protocols are:
+    #
+    #   * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
+    #     over SSH
+    #
+    #   * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
+    #     encryption
+    #
+    #   * `FTP` (File Transfer Protocol): Unencrypted file transfer
+    #
+    #   <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
+    #   Certificate Manager (ACM) which will be used to identify your server
+    #   when clients connect to it over FTPS.
+    #
+    #    If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
+    #   must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
+    #
+    #    If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
+    #   associated.
+    #
+    #    If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
+    #   `PUBLIC` and the `IdentityProviderType` can be set to
+    #   `SERVICE_MANAGED`.
+    #
+    #    </note>
     #
     # @option params [Array<Types::Tag>] :tags
-    #   Key-value pairs that can be used to group and search for servers.
+    #   Key-value pairs that can be used to group and search for file transfer
+    #   protocol-enabled servers.
     #
     # @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -324,6 +460,7 @@ module Aws::Transfer
     # @example Request syntax with placeholder values
     #
     #   resp = client.create_server({
+    #     certificate: "Certificate",
     #     endpoint_details: {
     #       address_allocation_ids: ["AddressAllocationId"],
     #       subnet_ids: ["SubnetId"],
@@ -338,6 +475,7 @@ module Aws::Transfer
     #     },
     #     identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY
     #     logging_role: "Role",
+    #     protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
     #     tags: [
     #       {
     #         key: "TagKey", # required
@@ -359,54 +497,57 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Creates a user and associates them with an existing Secure File
-    # Transfer Protocol (SFTP) server. You can only create and associate
-    # users with SFTP servers that have the `IdentityProviderType` set to
-    # `SERVICE_MANAGED`. Using parameters for `CreateUser`, you can specify
-    # the user name, set the home directory, store the user's public key,
-    # and assign the user's AWS Identity and Access Management (IAM) role.
-    # You can also optionally add a scope-down policy, and assign metadata
-    # with tags that can be used to group and search for users.
+    # Creates a user and associates them with an existing file transfer
+    # protocol-enabled server. You can only create and associate users with
+    # servers that have the `IdentityProviderType` set to `SERVICE_MANAGED`.
+    # Using parameters for `CreateUser`, you can specify the user name, set
+    # the home directory, store the user's public key, and assign the
+    # user's AWS Identity and Access Management (IAM) role. You can also
+    # optionally add a scope-down policy, and assign metadata with tags that
+    # can be used to group and search for users.
     #
     # @option params [String] :home_directory
-    #   The landing directory (folder) for a user when they log in to the
-    #   server using their SFTP client.
+    #   The landing directory (folder) for a user when they log in to the file
+    #   transfer protocol-enabled server using the client.
     #
-    #   An example is &lt;`your-Amazon-S3-bucket-name>/home/username`.
+    #   An example is <i>
+    #   <code>your-Amazon-S3-bucket-name&gt;/home/username</code> </i>.
     #
     # @option params [String] :home_directory_type
     #   The type of landing directory (folder) you want your users' home
-    #   directory to be when they log into the SFTP server. If you set it to
-    #   `PATH`, the user will see the absolute Amazon S3 bucket paths as is in
-    #   their SFTP clients. If you set it `LOGICAL`, you will need to provide
-    #   mappings in the `HomeDirectoryMappings` for how you want to make S3
-    #   paths visible to your user.
+    #   directory to be when they log into the file transfer protocol-enabled
+    #   server. If you set it to `PATH`, the user will see the absolute Amazon
+    #   S3 bucket paths as is in their file transfer protocol clients. If you
+    #   set it `LOGICAL`, you will need to provide mappings in the
+    #   `HomeDirectoryMappings` for how you want to make Amazon S3 paths
+    #   visible to your users.
     #
     # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
-    #   Logical directory mappings that specify what S3 paths and keys should
-    #   be visible to your user and how you want to make them visible. You
-    #   will need to specify the "`Entry`" and "`Target`" pair, where
+    #   Logical directory mappings that specify what Amazon S3 paths and keys
+    #   should be visible to your user and how you want to make them visible.
+    #   You will need to specify the "`Entry`" and "`Target`" pair, where
     #   `Entry` shows how the path is made visible and `Target` is the actual
-    #   S3 path. If you only specify a target, it will be displayed as is. You
-    #   will need to also make sure that your AWS IAM Role provides access to
-    #   paths in `Target`. The following is an example.
+    #   Amazon S3 path. If you only specify a target, it will be displayed as
+    #   is. You will need to also make sure that your IAM role provides access
+    #   to paths in `Target`. The following is an example.
     #
     #   `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
     #   "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
     #   ]'`
     #
-    #   In most cases, you can use this value instead of the scope down policy
+    #   In most cases, you can use this value instead of the scope-down policy
     #   to lock your user down to the designated home directory ("chroot").
     #   To do this, you can set `Entry` to '/' and set `Target` to the
     #   HomeDirectory parameter value.
     #
-    #   <note markdown="1"> If the target of a logical directory entry does not exist in S3, the
-    #   entry will be ignored. As a workaround, you can use the S3 api to
-    #   create 0 byte objects as place holders for your directory. If using
-    #   the CLI, use the s3api call instead of s3 so you can use the
-    #   put-object operation. For example, you use the following: `aws s3api
-    #   put-object --bucket bucketname --key path/to/folder/`. Make sure that
-    #   the end of the key name ends in a / for it to be considered a folder.
+    #   <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
+    #   S3, the entry will be ignored. As a workaround, you can use the Amazon
+    #   S3 api to create 0 byte objects as place holders for your directory.
+    #   If using the CLI, use the `s3api` call instead of `s3` so you can use
+    #   the put-object operation. For example, you use the following: `aws
+    #   s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
+    #   that the end of the key name ends in a '/' for it to be considered a
+    #   folder.
     #
     #    </note>
     #
@@ -417,47 +558,52 @@ module Aws::Transfer
     #   policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
     #
-    #   <note markdown="1"> For scope-down policies, AWS Transfer for SFTP stores the policy as a
+    #   <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
     #   JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
     #   You save the policy as a JSON blob and pass it in the `Policy`
     #   argument.
     #
-    #    For an example of a scope-down policy, see
-    #   "https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down"&gt;Creating
-    #   a Scope-Down Policy.
+    #    For an example of a scope-down policy, see [Creating a scope-down
+    #   policy][1].
     #
-    #    For more information, see
-    #   "https://docs.aws.amazon.com/STS/latest/APIReference/API\_AssumeRole.html"
-    #   in the *AWS Security Token Service API Reference*.
+    #    For more information, see [AssumeRole][2] in the *AWS Security Token
+    #   Service API Reference*.
     #
     #    </note>
     #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
+    #   [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
+    #
     # @option params [required, String] :role
-    #   The IAM role that controls your user's access to your Amazon S3
+    #   The IAM role that controls your users' access to your Amazon S3
     #   bucket. The policies attached to this role will determine the level of
     #   access you want to provide your users when transferring files into and
     #   out of your Amazon S3 bucket or buckets. The IAM role should also
-    #   contain a trust relationship that allows the SFTP server to access
-    #   your resources when servicing your SFTP user's transfer requests.
+    #   contain a trust relationship that allows the file transfer
+    #   protocol-enabled server to access your resources when servicing your
+    #   users' transfer requests.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server instance. This
-    #   is the specific SFTP server that you added your user to.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server instance. This is the specific server that you
+    #   added your user to.
     #
     # @option params [String] :ssh_public_key_body
     #   The public portion of the Secure Shell (SSH) key used to authenticate
-    #   the user to the SFTP server.
+    #   the user to the file transfer protocol-enabled server.
     #
     # @option params [Array<Types::Tag>] :tags
     #   Key-value pairs that can be used to group and search for users. Tags
     #   are metadata attached to users for any purpose.
     #
     # @option params [required, String] :user_name
-    #   A unique string that identifies a user and is associated with a server
-    #   as specified by the `ServerId`. This user name must be a minimum of 3
-    #   and a maximum of 32 characters long. The following are valid
-    #   characters: a-z, A-Z, 0-9, underscore, and hyphen. The user name
-    #   can't start with a hyphen.
+    #   A unique string that identifies a user and is associated with a file
+    #   transfer protocol-enabled server as specified by the `ServerId`. This
+    #   user name must be a minimum of 3 and a maximum of 32 characters long.
+    #   The following are valid characters: a-z, A-Z, 0-9, underscore, and
+    #   hyphen. The user name can't start with a hyphen.
     #
     # @return [Types::CreateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -502,13 +648,13 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Deletes the Secure File Transfer Protocol (SFTP) server that you
-    # specify.
+    # Deletes the file transfer protocol-enabled server that you specify.
     #
     # No response returns from this operation.
     #
     # @option params [required, String] :server_id
-    #   A unique system-assigned identifier for an SFTP server instance.
+    #   A unique system-assigned identifier for a file transfer
+    #   protocol-enabled server instance.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -532,8 +678,8 @@ module Aws::Transfer
     # No response is returned from this operation.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a Secure File Transfer
-    #   Protocol (SFTP) server instance that has the user assigned to it.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server instance that has the user assigned to it.
     #
     # @option params [required, String] :ssh_public_key_id
     #   A unique identifier used to reference your user's specific SSH key.
@@ -561,7 +707,8 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Deletes the user belonging to the server you specify.
+    # Deletes the user belonging to a file transfer protocol-enabled server
+    # you specify.
     #
     # No response returns from this operation.
     #
@@ -570,12 +717,12 @@ module Aws::Transfer
     #  </note>
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server instance that
-    #   has the user assigned to it.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server instance that has the user assigned to it.
     #
     # @option params [required, String] :user_name
-    #   A unique string that identifies a user that is being deleted from the
-    #   server.
+    #   A unique string that identifies a user that is being deleted from a
+    #   file transfer protocol-enabled server.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -595,15 +742,16 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Describes the server that you specify by passing the `ServerId`
-    # parameter.
+    # Describes a file transfer protocol-enabled server that you specify by
+    # passing the `ServerId` parameter.
     #
-    # The response contains a description of the server's properties. When
+    # The response contains a description of a server's properties. When
     # you set `EndpointType` to VPC, the response will contain the
     # `EndpointDetails`.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server.
     #
     # @return [Types::DescribeServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -618,6 +766,7 @@ module Aws::Transfer
     # @example Response structure
     #
     #   resp.server.arn #=> String
+    #   resp.server.certificate #=> String
     #   resp.server.endpoint_details.address_allocation_ids #=> Array
     #   resp.server.endpoint_details.address_allocation_ids[0] #=> String
     #   resp.server.endpoint_details.subnet_ids #=> Array
@@ -630,6 +779,8 @@ module Aws::Transfer
     #   resp.server.identity_provider_details.invocation_role #=> String
     #   resp.server.identity_provider_type #=> String, one of "SERVICE_MANAGED", "API_GATEWAY"
     #   resp.server.logging_role #=> String
+    #   resp.server.protocols #=> Array
+    #   resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS"
     #   resp.server.server_id #=> String
     #   resp.server.state #=> String, one of "OFFLINE", "ONLINE", "STARTING", "STOPPING", "START_FAILED", "STOP_FAILED"
     #   resp.server.tags #=> Array
@@ -646,20 +797,21 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Describes the user assigned to a specific server, as identified by its
-    # `ServerId` property.
+    # Describes the user assigned to the specific file transfer
+    # protocol-enabled server, as identified by its `ServerId` property.
     #
     # The response from this call returns the properties of the user
     # associated with the `ServerId` value that was specified.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server that has this
-    #   user assigned.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server that has this user assigned.
     #
     # @option params [required, String] :user_name
-    #   The name of the user assigned to one or more servers. User names are
-    #   part of the sign-in credentials to use the AWS Transfer for SFTP
-    #   service and perform file transfer tasks.
+    #   The name of the user assigned to one or more file transfer
+    #   protocol-enabled servers. User names are part of the sign-in
+    #   credentials to use the AWS Transfer Family service and perform file
+    #   transfer tasks.
     #
     # @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -703,20 +855,22 @@ module Aws::Transfer
     end
 
     # Adds a Secure Shell (SSH) public key to a user account identified by a
-    # `UserName` value assigned to a specific server, identified by
-    # `ServerId`.
+    # `UserName` value assigned to the specific file transfer
+    # protocol-enabled server, identified by `ServerId`.
     #
     # The response returns the `UserName` value, the `ServerId` value, and
     # the name of the `SshPublicKeyId`.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server.
     #
     # @option params [required, String] :ssh_public_key_body
     #   The public key portion of an SSH key pair.
     #
     # @option params [required, String] :user_name
-    #   The name of the user account that is assigned to one or more servers.
+    #   The name of the user account that is assigned to one or more file
+    #   transfer protocol-enabled servers.
     #
     # @return [Types::ImportSshPublicKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -747,24 +901,26 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Lists the Secure File Transfer Protocol (SFTP) servers that are
-    # associated with your AWS account.
+    # Lists the file transfer protocol-enabled servers that are associated
+    # with your AWS account.
     #
     # @option params [Integer] :max_results
-    #   Specifies the number of servers to return as a response to the
-    #   `ListServers` query.
+    #   Specifies the number of file transfer protocol-enabled servers to
+    #   return as a response to the `ListServers` query.
     #
     # @option params [String] :next_token
-    #   When additional results are obtained from the `ListServers` command, a
+    #   When additional results are obtained from the`ListServers` command, a
     #   `NextToken` parameter is returned in the output. You can then pass the
     #   `NextToken` parameter in a subsequent command to continue listing
-    #   additional servers.
+    #   additional file transfer protocol-enabled servers.
     #
     # @return [Types::ListServersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListServersResponse#next_token #next_token} => String
     #   * {Types::ListServersResponse#servers #servers} => Array&lt;Types::ListedServer&gt;
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_servers({
@@ -817,6 +973,8 @@ module Aws::Transfer
     #   * {Types::ListTagsForResourceResponse#next_token #next_token} => String
     #   * {Types::ListTagsForResourceResponse#tags #tags} => Array&lt;Types::Tag&gt;
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_tags_for_resource({
@@ -842,8 +1000,8 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Lists the users for the server that you specify by passing the
-    # `ServerId` parameter.
+    # Lists the users for a file transfer protocol-enabled server that you
+    # specify by passing the `ServerId` parameter.
     #
     # @option params [Integer] :max_results
     #   Specifies the number of users to return as a response to the
@@ -856,8 +1014,8 @@ module Aws::Transfer
     #   additional users.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a Secure File Transfer
-    #   Protocol (SFTP) server that has users assigned to it.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server that has users assigned to it.
     #
     # @return [Types::ListUsersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -865,6 +1023,8 @@ module Aws::Transfer
     #   * {Types::ListUsersResponse#server_id #server_id} => String
     #   * {Types::ListUsersResponse#users #users} => Array&lt;Types::ListedUser&gt;
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_users({
@@ -894,10 +1054,10 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Changes the state of a Secure File Transfer Protocol (SFTP) server
-    # from `OFFLINE` to `ONLINE`. It has no impact on an SFTP server that is
-    # already `ONLINE`. An `ONLINE` server can accept and process file
-    # transfer jobs.
+    # Changes the state of a file transfer protocol-enabled server from
+    # `OFFLINE` to `ONLINE`. It has no impact on a server that is already
+    # `ONLINE`. An `ONLINE` server can accept and process file transfer
+    # jobs.
     #
     # The state of `STARTING` indicates that the server is in an
     # intermediate state, either not fully able to respond, or not fully
@@ -906,7 +1066,8 @@ module Aws::Transfer
     # No response is returned from this call.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server that you start.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server that you start.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -925,12 +1086,12 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Changes the state of an SFTP server from `ONLINE` to `OFFLINE`. An
-    # `OFFLINE` server cannot accept and process file transfer jobs.
-    # Information tied to your server such as server and user properties are
-    # not affected by stopping your server. Stopping a server will not
-    # reduce or impact your Secure File Transfer Protocol (SFTP) endpoint
-    # billing.
+    # Changes the state of a file transfer protocol-enabled server from
+    # `ONLINE` to `OFFLINE`. An `OFFLINE` server cannot accept and process
+    # file transfer jobs. Information tied to your server, such as server
+    # and user properties, are not affected by stopping your server.
+    # Stopping the server will not reduce or impact your file transfer
+    # protocol endpoint billing.
     #
     # The state of `STOPPING` indicates that the server is in an
     # intermediate state, either not fully able to respond, or not fully
@@ -939,8 +1100,8 @@ module Aws::Transfer
     # No response is returned from this call.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server that you
-    #   stopped.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server that you stopped.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -997,19 +1158,34 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # If the `IdentityProviderType` of the server is `API_Gateway`, tests
-    # whether your API Gateway is set up successfully. We highly recommend
-    # that you call this operation to test your authentication method as
-    # soon as you create your server. By doing so, you can troubleshoot
-    # issues with the API Gateway integration to ensure that your users can
-    # successfully use the service.
+    # If the `IdentityProviderType` of a file transfer protocol-enabled
+    # server is `API_Gateway`, tests whether your API Gateway is set up
+    # successfully. We highly recommend that you call this operation to test
+    # your authentication method as soon as you create your server. By doing
+    # so, you can troubleshoot issues with the API Gateway integration to
+    # ensure that your users can successfully use the service.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned identifier for a specific server. That server's
-    #   user authentication method is tested with a user name and password.
+    #   A system-assigned identifier for a specific file transfer
+    #   protocol-enabled server. That server's user authentication method is
+    #   tested with a user name and password.
+    #
+    # @option params [String] :server_protocol
+    #   The type of file transfer protocol to be tested.
+    #
+    #   The available protocols are:
+    #
+    #   * Secure Shell (SSH) File Transfer Protocol (SFTP)
+    #
+    #   * File Transfer Protocol Secure (FTPS)
+    #
+    #   * File Transfer Protocol (FTP)
+    #
+    # @option params [String] :source_ip
+    #   The source IP address of the user account to be tested.
     #
     # @option params [required, String] :user_name
-    #   This request parameter is the name of the user account to be tested.
+    #   The name of the user account to be tested.
     #
     # @option params [String] :user_password
     #   The password of the user account to be tested.
@@ -1025,6 +1201,8 @@ module Aws::Transfer
     #
     #   resp = client.test_identity_provider({
     #     server_id: "ServerId", # required
+    #     server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
+    #     source_ip: "SourceIp",
     #     user_name: "UserName", # required
     #     user_password: "UserPassword",
     #   })
@@ -1052,9 +1230,9 @@ module Aws::Transfer
     # No response is returned from this call.
     #
     # @option params [required, String] :arn
-    #   This is the value of the resource that will have the tag removed. An
-    #   Amazon Resource Name (ARN) is an identifier for a specific AWS
-    #   resource, such as a server, user, or role.
+    #   The value of the resource that will have the tag removed. An Amazon
+    #   Resource Name (ARN) is an identifier for a specific AWS resource, such
+    #   as a server, user, or role.
     #
     # @option params [required, Array<String>] :tag_keys
     #   TagKeys are key-value pairs assigned to ARNs that can be used to group
@@ -1079,48 +1257,130 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Updates the server properties after that server has been created.
+    # Updates the file transfer protocol-enabled server's properties after
+    # that server has been created.
+    #
+    # The `UpdateServer` call returns the `ServerId` of the server you
+    # updated.
+    #
+    # @option params [String] :certificate
+    #   The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
+    #   certificate. Required when `Protocols` is set to `FTPS`.
+    #
+    #   To request a new public certificate, see [Request a public
+    #   certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
+    #
+    #   To import an existing certificate into ACM, see [Importing
+    #   certificates into ACM][2] in the <i> AWS Certificate Manager User
+    #   Guide</i>.
+    #
+    #   To request a private certificate to use FTPS through private IP
+    #   addresses, see [Request a private certificate][3] in the <i> AWS
+    #   Certificate Manager User Guide</i>.
+    #
+    #   Certificates with the following cryptographic algorithms and key sizes
+    #   are supported:
+    #
+    #   * 2048-bit RSA (RSA\_2048)
+    #
+    #   * 4096-bit RSA (RSA\_4096)
+    #
+    #   * Elliptic Prime Curve 256 bit (EC\_prime256v1)
+    #
+    #   * Elliptic Prime Curve 384 bit (EC\_secp384r1)
+    #
+    #   * Elliptic Prime Curve 521 bit (EC\_secp521r1)
+    #
+    #   <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
+    #   with FQDN or IP address specified and information about the issuer.
+    #
+    #    </note>
     #
-    # The `UpdateServer` call returns the `ServerId` of the Secure File
-    # Transfer Protocol (SFTP) server you updated.
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
+    #   [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
     #
     # @option params [Types::EndpointDetails] :endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are configured
-    #   for your SFTP server. With a VPC endpoint, you can restrict access to
-    #   your SFTP server to resources only within your VPC. To control
-    #   incoming internet traffic, you will need to associate one or more
-    #   Elastic IP addresses with your server's endpoint.
+    #   for your file transfer protocol-enabled server. With a VPC endpoint,
+    #   you can restrict access to your server to resources only within your
+    #   VPC. To control incoming internet traffic, you will need to associate
+    #   one or more Elastic IP addresses with your server's endpoint.
     #
     # @option params [String] :endpoint_type
-    #   The type of endpoint that you want your SFTP server to connect to. You
-    #   can choose to connect to the public internet or a virtual private
-    #   cloud (VPC) endpoint. With a VPC endpoint, your SFTP server isn't
-    #   accessible over the public internet.
+    #   The type of endpoint that you want your file transfer protocol-enabled
+    #   server to connect to. You can choose to connect to the public internet
+    #   or a VPC endpoint. With a VPC endpoint, you can restrict access to
+    #   your server and resources only within your VPC.
+    #
+    #   <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
+    #   endpoint type, you have the option to directly associate up to three
+    #   Elastic IPv4 addresses (BYO IP included) with your server's endpoint
+    #   and use VPC security groups to restrict traffic by the client's
+    #   public IP address. This is not possible with `EndpointType` set to
+    #   `VPC_ENDPOINT`.
+    #
+    #    </note>
     #
     # @option params [String] :host_key
-    #   The RSA private key as generated by `ssh-keygen -N "" -f
+    #   The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
     #   my-new-server-key`.
     #
     #   If you aren't planning to migrate existing users from an existing
-    #   SFTP server to a new AWS SFTP server, don't update the host key.
-    #   Accidentally changing a server's host key can be disruptive.
+    #   file transfer protocol-enabled server to a new server, don't update
+    #   the host key. Accidentally changing a server's host key can be
+    #   disruptive.
+    #
+    #   For more information, see [Change the host key for your SFTP-enabled
+    #   server][1] in the *AWS Transfer Family User Guide*.
     #
-    #   For more information, see
-    #   "https://docs.aws.amazon.com/transfer/latest/userguide/configuring-servers.html#change-host-key"
-    #   in the *AWS SFTP User Guide.*
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
     #
     # @option params [Types::IdentityProviderDetails] :identity_provider_details
-    #   This response parameter is an array containing all of the information
-    #   required to call a customer's authentication API method.
+    #   An array containing all of the information required to call a
+    #   customer's authentication API method.
     #
     # @option params [String] :logging_role
-    #   A value that changes the AWS Identity and Access Management (IAM) role
-    #   that allows Amazon S3 events to be logged in Amazon CloudWatch,
-    #   turning logging on or off.
+    #   Changes the AWS Identity and Access Management (IAM) role that allows
+    #   Amazon S3 events to be logged in Amazon CloudWatch, turning logging on
+    #   or off.
+    #
+    # @option params [Array<String>] :protocols
+    #   Specifies the file transfer protocol or protocols over which your file
+    #   transfer protocol client can connect to your server's endpoint. The
+    #   available protocols are:
+    #
+    #   * Secure Shell (SSH) File Transfer Protocol (SFTP): File transfer over
+    #     SSH
+    #
+    #   * File Transfer Protocol Secure (FTPS): File transfer with TLS
+    #     encryption
+    #
+    #   * File Transfer Protocol (FTP): Unencrypted file transfer
+    #
+    #   <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
+    #   Certificate Manager (ACM) which will be used to identify your server
+    #   when clients connect to it over FTPS.
+    #
+    #    If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
+    #   must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
+    #
+    #    If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
+    #   associated.
+    #
+    #    If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
+    #   `PUBLIC` and the `IdentityProviderType` can be set to
+    #   `SERVICE_MANAGED`.
+    #
+    #    </note>
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server instance that
-    #   the user account is assigned to.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server instance that the user account is assigned to.
     #
     # @return [Types::UpdateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1129,6 +1389,7 @@ module Aws::Transfer
     # @example Request syntax with placeholder values
     #
     #   resp = client.update_server({
+    #     certificate: "Certificate",
     #     endpoint_details: {
     #       address_allocation_ids: ["AddressAllocationId"],
     #       subnet_ids: ["SubnetId"],
@@ -1142,6 +1403,7 @@ module Aws::Transfer
     #       invocation_role: "Role",
     #     },
     #     logging_role: "NullableRole",
+    #     protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
     #     server_id: "ServerId", # required
     #   })
     #
@@ -1166,90 +1428,95 @@ module Aws::Transfer
     # user.
     #
     # @option params [String] :home_directory
-    #   A parameter that specifies the landing directory (folder) for a user
-    #   when they log in to the server using their client.
+    #   Specifies the landing directory (folder) for a user when they log in
+    #   to the file transfer protocol-enabled server using their file transfer
+    #   protocol client.
     #
-    #   An example is `<your-Amazon-S3-bucket-name>/home/username`.
+    #   An example is `your-Amazon-S3-bucket-name>/home/username`.
     #
     # @option params [String] :home_directory_type
     #   The type of landing directory (folder) you want your users' home
-    #   directory to be when they log into the SFTP serve. If you set it to
-    #   `PATH`, the user will see the absolute Amazon S3 bucket paths as is in
-    #   their SFTP clients. If you set it `LOGICAL`, you will need to provide
-    #   mappings in the `HomeDirectoryMappings` for how you want to make S3
-    #   paths visible to your user.
+    #   directory to be when they log into the file transfer protocol-enabled
+    #   server. If you set it to `PATH`, the user will see the absolute Amazon
+    #   S3 bucket paths as is in their file transfer protocol clients. If you
+    #   set it `LOGICAL`, you will need to provide mappings in the
+    #   `HomeDirectoryMappings` for how you want to make Amazon S3 paths
+    #   visible to your users.
     #
     # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
-    #   Logical directory mappings that specify what S3 paths and keys should
-    #   be visible to your user and how you want to make them visible. You
-    #   will need to specify the "`Entry`" and "`Target`" pair, where
+    #   Logical directory mappings that specify what Amazon S3 paths and keys
+    #   should be visible to your user and how you want to make them visible.
+    #   You will need to specify the "`Entry`" and "`Target`" pair, where
     #   `Entry` shows how the path is made visible and `Target` is the actual
-    #   S3 path. If you only specify a target, it will be displayed as is. You
-    #   will need to also make sure that your AWS IAM Role provides access to
-    #   paths in `Target`. The following is an example.
+    #   Amazon S3 path. If you only specify a target, it will be displayed as
+    #   is. You will need to also make sure that your IAM role provides access
+    #   to paths in `Target`. The following is an example.
     #
     #   `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
     #   "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
     #   ]'`
     #
-    #   In most cases, you can use this value instead of the scope down policy
+    #   In most cases, you can use this value instead of the scope-down policy
     #   to lock your user down to the designated home directory ("chroot").
     #   To do this, you can set `Entry` to '/' and set `Target` to the
     #   HomeDirectory parameter value.
     #
-    #   <note markdown="1"> If the target of a logical directory entry does not exist in S3, the
-    #   entry will be ignored. As a workaround, you can use the S3 api to
-    #   create 0 byte objects as place holders for your directory. If using
-    #   the CLI, use the s3api call instead of s3 so you can use the
-    #   put-object operation. For example, you use the following: `aws s3api
-    #   put-object --bucket bucketname --key path/to/folder/`. Make sure that
-    #   the end of the key name ends in a / for it to be considered a folder.
+    #   <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
+    #   S3, the entry will be ignored. As a workaround, you can use the Amazon
+    #   S3 api to create 0 byte objects as place holders for your directory.
+    #   If using the CLI, use the `s3api` call instead of `s3` so you can use
+    #   the put-object operation. For example, you use the following: `aws
+    #   s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
+    #   that the end of the key name ends in a / for it to be considered a
+    #   folder.
     #
     #    </note>
     #
     # @option params [String] :policy
     #   Allows you to supply a scope-down policy for your user so you can use
-    #   the same AWS Identity and Access Management (IAM) role across multiple
-    #   users. The policy scopes down user access to portions of your Amazon
-    #   S3 bucket. Variables you can use inside this policy include
-    #   `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
-    #   `$\{Transfer:HomeBucket\}`.
+    #   the same IAM role across multiple users. The policy scopes down user
+    #   access to portions of your Amazon S3 bucket. Variables you can use
+    #   inside this policy include `$\{Transfer:UserName\}`,
+    #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
     #
-    #   <note markdown="1"> For scope-down policies, AWS Transfer for SFTP stores the policy as a
+    #   <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
     #   JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
     #   You save the policy as a JSON blob and pass it in the `Policy`
     #   argument.
     #
-    #    For an example of a scope-down policy, see
-    #   "https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down"&gt;Creating
-    #   a Scope-Down Policy.
+    #    For an example of a scope-down policy, see [Creating a scope-down
+    #   policy][1].
     #
-    #    For more information, see
-    #   "https://docs.aws.amazon.com/STS/latest/APIReference/API\_AssumeRole.html"
-    #   in the *AWS Security Token Service API Reference*.
+    #    For more information, see [AssumeRole][2] in the *AWS Security Token
+    #   Service API Reference*.
     #
     #    </note>
     #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
+    #   [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
+    #
     # @option params [String] :role
-    #   The IAM role that controls your user's access to your Amazon S3
+    #   The IAM role that controls your users' access to your Amazon S3
     #   bucket. The policies attached to this role will determine the level of
     #   access you want to provide your users when transferring files into and
     #   out of your Amazon S3 bucket or buckets. The IAM role should also
-    #   contain a trust relationship that allows the Secure File Transfer
-    #   Protocol (SFTP) server to access your resources when servicing your
-    #   SFTP user's transfer requests.
+    #   contain a trust relationship that allows the file transfer
+    #   protocol-enabled server to access your resources when servicing your
+    #   users' transfer requests.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for an SFTP server instance that
-    #   the user account is assigned to.
+    #   A system-assigned unique identifier for a file transfer
+    #   protocol-enabled server instance that the user account is assigned to.
     #
     # @option params [required, String] :user_name
-    #   A unique string that identifies a user and is associated with a server
-    #   as specified by the `ServerId`. This is the string that will be used
-    #   by your user when they log in to your SFTP server. This user name is a
-    #   minimum of 3 and a maximum of 32 characters long. The following are
-    #   valid characters: a-z, A-Z, 0-9, underscore, and hyphen. The user name
-    #   can't start with a hyphen.
+    #   A unique string that identifies a user and is associated with a file
+    #   transfer protocol-enabled server as specified by the `ServerId`. This
+    #   is the string that will be used by your user when they log in to your
+    #   server. This user name is a minimum of 3 and a maximum of 32
+    #   characters long. The following are valid characters: a-z, A-Z, 0-9,
+    #   underscore, and hyphen. The user name can't start with a hyphen.
     #
     # @return [Types::UpdateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1300,7 +1567,7 @@ module Aws::Transfer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-transfer'
-      context[:gem_version] = '1.16.0'
+      context[:gem_version] = '1.21.0'
       Seahorse::Client::Request.new(handlers, context)
     end