aws-sdk-transfer 1.16.0 → 1.21.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-transfer.rb +8 -5
- data/lib/aws-sdk-transfer/client.rb +491 -224
- data/lib/aws-sdk-transfer/client_api.rb +23 -1
- data/lib/aws-sdk-transfer/errors.rb +46 -8
- data/lib/aws-sdk-transfer/resource.rb +1 -0
- data/lib/aws-sdk-transfer/types.rb +625 -354
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 67a0c6b2bf618b9a8b340f195400c14b6e421127dd8685ee7378e717d3def22d
|
4
|
+
data.tar.gz: aa5b8280984fc5a26d203eee779be235dedbe519e10884a510fba4173bec12c6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: df790f8da05a6e03ad6820ef5820c3255766e0665796f621182aea1a544ff8f6fb43fb634331a3af4fb97048045db4aef8a36c4deae8b0a46c9cf36a830d4dd8
|
7
|
+
data.tar.gz: f85dde748a522956bfe04dc61debbc644e8e78d0e56549b901302e62ae60da1271e35a9b5687f27177838176167ca1e98471d770ecdd4b3eda6ffcf65cc10e45
|
data/lib/aws-sdk-transfer.rb
CHANGED
@@ -15,7 +15,7 @@ require_relative 'aws-sdk-transfer/errors'
|
|
15
15
|
require_relative 'aws-sdk-transfer/resource'
|
16
16
|
require_relative 'aws-sdk-transfer/customizations'
|
17
17
|
|
18
|
-
# This module provides support for AWS Transfer
|
18
|
+
# This module provides support for AWS Transfer Family. This module is available in the
|
19
19
|
# `aws-sdk-transfer` gem.
|
20
20
|
#
|
21
21
|
# # Client
|
@@ -24,17 +24,20 @@ require_relative 'aws-sdk-transfer/customizations'
|
|
24
24
|
# methods each accept a hash of request parameters and return a response
|
25
25
|
# structure.
|
26
26
|
#
|
27
|
+
# transfer = Aws::Transfer::Client.new
|
28
|
+
# resp = transfer.create_server(params)
|
29
|
+
#
|
27
30
|
# See {Client} for more information.
|
28
31
|
#
|
29
32
|
# # Errors
|
30
33
|
#
|
31
|
-
# Errors returned from AWS Transfer
|
32
|
-
# extend {Errors::ServiceError}.
|
34
|
+
# Errors returned from AWS Transfer Family are defined in the
|
35
|
+
# {Errors} module and all extend {Errors::ServiceError}.
|
33
36
|
#
|
34
37
|
# begin
|
35
38
|
# # do stuff
|
36
39
|
# rescue Aws::Transfer::Errors::ServiceError
|
37
|
-
# # rescues all
|
40
|
+
# # rescues all AWS Transfer Family API errors
|
38
41
|
# end
|
39
42
|
#
|
40
43
|
# See {Errors} for more information.
|
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-transfer/customizations'
|
|
42
45
|
# @service
|
43
46
|
module Aws::Transfer
|
44
47
|
|
45
|
-
GEM_VERSION = '1.
|
48
|
+
GEM_VERSION = '1.21.0'
|
46
49
|
|
47
50
|
end
|
@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
|
30
30
|
Aws::Plugins::GlobalConfiguration.add_identifier(:transfer)
|
31
31
|
|
32
32
|
module Aws::Transfer
|
33
|
+
# An API client for Transfer. To construct a client, you need to configure a `:region` and `:credentials`.
|
34
|
+
#
|
35
|
+
# client = Aws::Transfer::Client.new(
|
36
|
+
# region: region_name,
|
37
|
+
# credentials: credentials,
|
38
|
+
# # ...
|
39
|
+
# )
|
40
|
+
#
|
41
|
+
# For details on configuring region and credentials see
|
42
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
43
|
+
#
|
44
|
+
# See {#initialize} for a full list of supported configuration options.
|
33
45
|
class Client < Seahorse::Client::Base
|
34
46
|
|
35
47
|
include Aws::ClientStubs
|
@@ -93,7 +105,7 @@ module Aws::Transfer
|
|
93
105
|
# @option options [required, String] :region
|
94
106
|
# The AWS region to connect to. The configured `:region` is
|
95
107
|
# used to determine the service `:endpoint`. When not passed,
|
96
|
-
# a default `:region` is
|
108
|
+
# a default `:region` is searched for in the following locations:
|
97
109
|
#
|
98
110
|
# * `Aws.config[:region]`
|
99
111
|
# * `ENV['AWS_REGION']`
|
@@ -108,6 +120,12 @@ module Aws::Transfer
|
|
108
120
|
# When set to `true`, a thread polling for endpoints will be running in
|
109
121
|
# the background every 60 secs (default). Defaults to `false`.
|
110
122
|
#
|
123
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
124
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
125
|
+
# until there is sufficent client side capacity to retry the request.
|
126
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
127
|
+
# not retry instead of sleeping.
|
128
|
+
#
|
111
129
|
# @option options [Boolean] :client_side_monitoring (false)
|
112
130
|
# When `true`, client-side metrics will be collected for all API requests from
|
113
131
|
# this client.
|
@@ -132,6 +150,10 @@ module Aws::Transfer
|
|
132
150
|
# When `true`, an attempt is made to coerce request parameters into
|
133
151
|
# the required types.
|
134
152
|
#
|
153
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
154
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
155
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
156
|
+
#
|
135
157
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
136
158
|
# Set to true to disable SDK automatically adding host prefix
|
137
159
|
# to default service endpoint when available.
|
@@ -139,7 +161,7 @@ module Aws::Transfer
|
|
139
161
|
# @option options [String] :endpoint
|
140
162
|
# The client endpoint is normally constructed from the `:region`
|
141
163
|
# option. You should only configure an `:endpoint` when connecting
|
142
|
-
# to test endpoints. This should be
|
164
|
+
# to test endpoints. This should be a valid HTTP(S) URI.
|
143
165
|
#
|
144
166
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
145
167
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -154,7 +176,7 @@ module Aws::Transfer
|
|
154
176
|
# requests fetching endpoints information. Defaults to 60 sec.
|
155
177
|
#
|
156
178
|
# @option options [Boolean] :endpoint_discovery (false)
|
157
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
179
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
158
180
|
#
|
159
181
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
160
182
|
# The log formatter.
|
@@ -166,15 +188,29 @@ module Aws::Transfer
|
|
166
188
|
# The Logger instance to send log messages to. If this option
|
167
189
|
# is not set, logging will be disabled.
|
168
190
|
#
|
191
|
+
# @option options [Integer] :max_attempts (3)
|
192
|
+
# An integer representing the maximum number attempts that will be made for
|
193
|
+
# a single request, including the initial attempt. For example,
|
194
|
+
# setting this value to 5 will result in a request being retried up to
|
195
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
196
|
+
#
|
169
197
|
# @option options [String] :profile ("default")
|
170
198
|
# Used when loading credentials from the shared credentials file
|
171
199
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
172
200
|
#
|
201
|
+
# @option options [Proc] :retry_backoff
|
202
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
203
|
+
# This option is only used in the `legacy` retry mode.
|
204
|
+
#
|
173
205
|
# @option options [Float] :retry_base_delay (0.3)
|
174
|
-
# The base delay in seconds used by the default backoff function.
|
206
|
+
# The base delay in seconds used by the default backoff function. This option
|
207
|
+
# is only used in the `legacy` retry mode.
|
175
208
|
#
|
176
209
|
# @option options [Symbol] :retry_jitter (:none)
|
177
|
-
# A delay randomiser function used by the default backoff function.
|
210
|
+
# A delay randomiser function used by the default backoff function.
|
211
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
212
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
213
|
+
# in the `legacy` retry mode.
|
178
214
|
#
|
179
215
|
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
180
216
|
#
|
@@ -182,11 +218,30 @@ module Aws::Transfer
|
|
182
218
|
# The maximum number of times to retry failed requests. Only
|
183
219
|
# ~ 500 level server errors and certain ~ 400 level client errors
|
184
220
|
# are retried. Generally, these are throttling errors, data
|
185
|
-
# checksum errors, networking errors, timeout errors
|
186
|
-
# errors from expired credentials.
|
221
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
222
|
+
# endpoint discovery, and errors from expired credentials.
|
223
|
+
# This option is only used in the `legacy` retry mode.
|
187
224
|
#
|
188
225
|
# @option options [Integer] :retry_max_delay (0)
|
189
|
-
# The maximum number of seconds to delay between retries (0 for no limit)
|
226
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
227
|
+
# used by the default backoff function. This option is only used in the
|
228
|
+
# `legacy` retry mode.
|
229
|
+
#
|
230
|
+
# @option options [String] :retry_mode ("legacy")
|
231
|
+
# Specifies which retry algorithm to use. Values are:
|
232
|
+
#
|
233
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
234
|
+
# no retry mode is provided.
|
235
|
+
#
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
238
|
+
# unsuccessful retries a client can make.
|
239
|
+
#
|
240
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
241
|
+
# functionality of `standard` mode along with automatic client side
|
242
|
+
# throttling. This is a provisional mode that may change behavior
|
243
|
+
# in the future.
|
244
|
+
#
|
190
245
|
#
|
191
246
|
# @option options [String] :secret_access_key
|
192
247
|
#
|
@@ -219,16 +274,15 @@ module Aws::Transfer
|
|
219
274
|
# requests through. Formatted like 'http://proxy.com:123'.
|
220
275
|
#
|
221
276
|
# @option options [Float] :http_open_timeout (15) The number of
|
222
|
-
# seconds to wait when opening a HTTP session before
|
277
|
+
# seconds to wait when opening a HTTP session before raising a
|
223
278
|
# `Timeout::Error`.
|
224
279
|
#
|
225
280
|
# @option options [Integer] :http_read_timeout (60) The default
|
226
281
|
# number of seconds to wait for response data. This value can
|
227
|
-
# safely be set
|
228
|
-
# per-request on the session yeidled by {#session_for}.
|
282
|
+
# safely be set per-request on the session.
|
229
283
|
#
|
230
284
|
# @option options [Float] :http_idle_timeout (5) The number of
|
231
|
-
# seconds a connection is allowed to sit
|
285
|
+
# seconds a connection is allowed to sit idle before it is
|
232
286
|
# considered stale. Stale connections are closed and removed
|
233
287
|
# from the pool before making a request.
|
234
288
|
#
|
@@ -237,7 +291,7 @@ module Aws::Transfer
|
|
237
291
|
# request body. This option has no effect unless the request has
|
238
292
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
239
293
|
# disables this behaviour. This value can safely be set per
|
240
|
-
# request on the session
|
294
|
+
# request on the session.
|
241
295
|
#
|
242
296
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
243
297
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -264,58 +318,140 @@ module Aws::Transfer
|
|
264
318
|
|
265
319
|
# @!group API Operations
|
266
320
|
|
267
|
-
# Instantiates an autoscaling virtual server based on
|
268
|
-
#
|
269
|
-
# or when you work with users, use the
|
270
|
-
# property that is assigned to the newly
|
321
|
+
# Instantiates an autoscaling virtual server based on the selected file
|
322
|
+
# transfer protocol in AWS. When you make updates to your file transfer
|
323
|
+
# protocol-enabled server or when you work with users, use the
|
324
|
+
# service-generated `ServerId` property that is assigned to the newly
|
325
|
+
# created server.
|
326
|
+
#
|
327
|
+
# @option params [String] :certificate
|
328
|
+
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
329
|
+
# certificate. Required when `Protocols` is set to `FTPS`.
|
330
|
+
#
|
331
|
+
# To request a new public certificate, see [Request a public
|
332
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
333
|
+
#
|
334
|
+
# To import an existing certificate into ACM, see [Importing
|
335
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
336
|
+
# Guide</i>.
|
337
|
+
#
|
338
|
+
# To request a private certificate to use FTPS through private IP
|
339
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
340
|
+
# Certificate Manager User Guide</i>.
|
341
|
+
#
|
342
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
343
|
+
# are supported:
|
344
|
+
#
|
345
|
+
# * 2048-bit RSA (RSA\_2048)
|
346
|
+
#
|
347
|
+
# * 4096-bit RSA (RSA\_4096)
|
348
|
+
#
|
349
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
350
|
+
#
|
351
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
352
|
+
#
|
353
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
354
|
+
#
|
355
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
356
|
+
# with FQDN or IP address specified and information about the issuer.
|
357
|
+
#
|
358
|
+
# </note>
|
359
|
+
#
|
360
|
+
#
|
361
|
+
#
|
362
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
363
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
364
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
271
365
|
#
|
272
366
|
# @option params [Types::EndpointDetails] :endpoint_details
|
273
367
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
274
|
-
# for your
|
275
|
-
# your
|
276
|
-
#
|
277
|
-
#
|
368
|
+
# for your file transfer protocol-enabled server. When you host your
|
369
|
+
# endpoint within your VPC, you can make it accessible only to resources
|
370
|
+
# within your VPC, or you can attach Elastic IPs and make it accessible
|
371
|
+
# to clients over the internet. Your VPC's default security groups are
|
372
|
+
# automatically assigned to your endpoint.
|
278
373
|
#
|
279
374
|
# @option params [String] :endpoint_type
|
280
|
-
# The type of VPC endpoint that you want your
|
281
|
-
#
|
282
|
-
#
|
283
|
-
# your
|
375
|
+
# The type of VPC endpoint that you want your file transfer
|
376
|
+
# protocol-enabled server to connect to. You can choose to connect to
|
377
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
378
|
+
# restrict access to your server and resources only within your VPC.
|
379
|
+
#
|
380
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
381
|
+
# endpoint type, you have the option to directly associate up to three
|
382
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
383
|
+
# and use VPC security groups to restrict traffic by the client's
|
384
|
+
# public IP address. This is not possible with `EndpointType` set to
|
385
|
+
# `VPC_ENDPOINT`.
|
386
|
+
#
|
387
|
+
# </note>
|
284
388
|
#
|
285
389
|
# @option params [String] :host_key
|
286
|
-
# The RSA private key as generated by the `ssh-keygen -N "" -f
|
390
|
+
# The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
|
287
391
|
# my-new-server-key` command.
|
288
392
|
#
|
289
393
|
# If you aren't planning to migrate existing users from an existing
|
290
|
-
# SFTP server to a new
|
394
|
+
# SFTP-enabled server to a new server, don't update the host key.
|
291
395
|
# Accidentally changing a server's host key can be disruptive.
|
292
396
|
#
|
293
|
-
# For more information, see
|
294
|
-
#
|
295
|
-
#
|
397
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
398
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
399
|
+
#
|
400
|
+
#
|
401
|
+
#
|
402
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
296
403
|
#
|
297
404
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
298
|
-
#
|
299
|
-
#
|
300
|
-
#
|
301
|
-
#
|
302
|
-
# `IdentityProviderType` is set to `SERVICE_MANAGED`.
|
405
|
+
# Required when `IdentityProviderType` is set to `API_GATEWAY`. Accepts
|
406
|
+
# an array containing all of the information required to call a
|
407
|
+
# customer-supplied authentication API, including the API Gateway URL.
|
408
|
+
# Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`.
|
303
409
|
#
|
304
410
|
# @option params [String] :identity_provider_type
|
305
|
-
# Specifies the mode of authentication for
|
306
|
-
# value is `SERVICE_MANAGED`, which
|
307
|
-
#
|
308
|
-
# `API_GATEWAY` value to integrate with
|
309
|
-
# choosing. The `API_GATEWAY` setting
|
310
|
-
# Gateway endpoint URL to call for
|
311
|
-
# `IdentityProviderDetails` parameter.
|
411
|
+
# Specifies the mode of authentication for a file transfer
|
412
|
+
# protocol-enabled server. The default value is `SERVICE_MANAGED`, which
|
413
|
+
# allows you to store and access user credentials within the AWS
|
414
|
+
# Transfer Family service. Use the `API_GATEWAY` value to integrate with
|
415
|
+
# an identity provider of your choosing. The `API_GATEWAY` setting
|
416
|
+
# requires you to provide an API Gateway endpoint URL to call for
|
417
|
+
# authentication using the `IdentityProviderDetails` parameter.
|
312
418
|
#
|
313
419
|
# @option params [String] :logging_role
|
314
|
-
#
|
315
|
-
#
|
420
|
+
# Allows the service to write your users' activity to your Amazon
|
421
|
+
# CloudWatch logs for monitoring and auditing purposes.
|
422
|
+
#
|
423
|
+
# @option params [Array<String>] :protocols
|
424
|
+
# Specifies the file transfer protocol or protocols over which your file
|
425
|
+
# transfer protocol client can connect to your server's endpoint. The
|
426
|
+
# available protocols are:
|
427
|
+
#
|
428
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
429
|
+
# over SSH
|
430
|
+
#
|
431
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
432
|
+
# encryption
|
433
|
+
#
|
434
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
435
|
+
#
|
436
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
437
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
438
|
+
# when clients connect to it over FTPS.
|
439
|
+
#
|
440
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
441
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
442
|
+
#
|
443
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
444
|
+
# associated.
|
445
|
+
#
|
446
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
447
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
448
|
+
# `SERVICE_MANAGED`.
|
449
|
+
#
|
450
|
+
# </note>
|
316
451
|
#
|
317
452
|
# @option params [Array<Types::Tag>] :tags
|
318
|
-
# Key-value pairs that can be used to group and search for
|
453
|
+
# Key-value pairs that can be used to group and search for file transfer
|
454
|
+
# protocol-enabled servers.
|
319
455
|
#
|
320
456
|
# @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
321
457
|
#
|
@@ -324,6 +460,7 @@ module Aws::Transfer
|
|
324
460
|
# @example Request syntax with placeholder values
|
325
461
|
#
|
326
462
|
# resp = client.create_server({
|
463
|
+
# certificate: "Certificate",
|
327
464
|
# endpoint_details: {
|
328
465
|
# address_allocation_ids: ["AddressAllocationId"],
|
329
466
|
# subnet_ids: ["SubnetId"],
|
@@ -338,6 +475,7 @@ module Aws::Transfer
|
|
338
475
|
# },
|
339
476
|
# identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY
|
340
477
|
# logging_role: "Role",
|
478
|
+
# protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
|
341
479
|
# tags: [
|
342
480
|
# {
|
343
481
|
# key: "TagKey", # required
|
@@ -359,54 +497,57 @@ module Aws::Transfer
|
|
359
497
|
req.send_request(options)
|
360
498
|
end
|
361
499
|
|
362
|
-
# Creates a user and associates them with an existing
|
363
|
-
#
|
364
|
-
#
|
365
|
-
#
|
366
|
-
# the
|
367
|
-
#
|
368
|
-
#
|
369
|
-
#
|
500
|
+
# Creates a user and associates them with an existing file transfer
|
501
|
+
# protocol-enabled server. You can only create and associate users with
|
502
|
+
# servers that have the `IdentityProviderType` set to `SERVICE_MANAGED`.
|
503
|
+
# Using parameters for `CreateUser`, you can specify the user name, set
|
504
|
+
# the home directory, store the user's public key, and assign the
|
505
|
+
# user's AWS Identity and Access Management (IAM) role. You can also
|
506
|
+
# optionally add a scope-down policy, and assign metadata with tags that
|
507
|
+
# can be used to group and search for users.
|
370
508
|
#
|
371
509
|
# @option params [String] :home_directory
|
372
|
-
# The landing directory (folder) for a user when they log in to the
|
373
|
-
# server using
|
510
|
+
# The landing directory (folder) for a user when they log in to the file
|
511
|
+
# transfer protocol-enabled server using the client.
|
374
512
|
#
|
375
|
-
# An example is
|
513
|
+
# An example is <i>
|
514
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
376
515
|
#
|
377
516
|
# @option params [String] :home_directory_type
|
378
517
|
# The type of landing directory (folder) you want your users' home
|
379
|
-
# directory to be when they log into the
|
380
|
-
# `PATH`, the user will see the absolute Amazon
|
381
|
-
#
|
382
|
-
#
|
383
|
-
#
|
518
|
+
# directory to be when they log into the file transfer protocol-enabled
|
519
|
+
# server. If you set it to `PATH`, the user will see the absolute Amazon
|
520
|
+
# S3 bucket paths as is in their file transfer protocol clients. If you
|
521
|
+
# set it `LOGICAL`, you will need to provide mappings in the
|
522
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 paths
|
523
|
+
# visible to your users.
|
384
524
|
#
|
385
525
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
386
|
-
# Logical directory mappings that specify what S3 paths and keys
|
387
|
-
# be visible to your user and how you want to make them visible.
|
388
|
-
# will need to specify the "`Entry`" and "`Target`" pair, where
|
526
|
+
# Logical directory mappings that specify what Amazon S3 paths and keys
|
527
|
+
# should be visible to your user and how you want to make them visible.
|
528
|
+
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
389
529
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
390
|
-
# S3 path. If you only specify a target, it will be displayed as
|
391
|
-
# will need to also make sure that your
|
392
|
-
# paths in `Target`. The following is an example.
|
530
|
+
# Amazon S3 path. If you only specify a target, it will be displayed as
|
531
|
+
# is. You will need to also make sure that your IAM role provides access
|
532
|
+
# to paths in `Target`. The following is an example.
|
393
533
|
#
|
394
534
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
395
535
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
396
536
|
# ]'`
|
397
537
|
#
|
398
|
-
# In most cases, you can use this value instead of the scope
|
538
|
+
# In most cases, you can use this value instead of the scope-down policy
|
399
539
|
# to lock your user down to the designated home directory ("chroot").
|
400
540
|
# To do this, you can set `Entry` to '/' and set `Target` to the
|
401
541
|
# HomeDirectory parameter value.
|
402
542
|
#
|
403
|
-
# <note markdown="1"> If the target of a logical directory entry does not exist in
|
404
|
-
# entry will be ignored. As a workaround, you can use the
|
405
|
-
# create 0 byte objects as place holders for your directory.
|
406
|
-
# the CLI, use the s3api call instead of s3 so you can use
|
407
|
-
# put-object operation. For example, you use the following: `aws
|
408
|
-
# put-object --bucket bucketname --key path/to/folder/`. Make sure
|
409
|
-
# the end of the key name ends in a / for it to be considered a
|
543
|
+
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
|
544
|
+
# S3, the entry will be ignored. As a workaround, you can use the Amazon
|
545
|
+
# S3 api to create 0 byte objects as place holders for your directory.
|
546
|
+
# If using the CLI, use the `s3api` call instead of `s3` so you can use
|
547
|
+
# the put-object operation. For example, you use the following: `aws
|
548
|
+
# s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
|
549
|
+
# that the end of the key name ends in a '/' for it to be considered a
|
550
|
+
# folder.
|
410
551
|
#
|
411
552
|
# </note>
|
412
553
|
#
|
@@ -417,47 +558,52 @@ module Aws::Transfer
|
|
417
558
|
# policy include `$\{Transfer:UserName\}`,
|
418
559
|
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
419
560
|
#
|
420
|
-
# <note markdown="1"> For scope-down policies, AWS Transfer
|
561
|
+
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
421
562
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
422
563
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
423
564
|
# argument.
|
424
565
|
#
|
425
|
-
# For an example of a scope-down policy, see
|
426
|
-
#
|
427
|
-
# a Scope-Down Policy.
|
566
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
567
|
+
# policy][1].
|
428
568
|
#
|
429
|
-
# For more information, see
|
430
|
-
#
|
431
|
-
# in the *AWS Security Token Service API Reference*.
|
569
|
+
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
570
|
+
# Service API Reference*.
|
432
571
|
#
|
433
572
|
# </note>
|
434
573
|
#
|
574
|
+
#
|
575
|
+
#
|
576
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
|
577
|
+
# [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
|
578
|
+
#
|
435
579
|
# @option params [required, String] :role
|
436
|
-
# The IAM role that controls your
|
580
|
+
# The IAM role that controls your users' access to your Amazon S3
|
437
581
|
# bucket. The policies attached to this role will determine the level of
|
438
582
|
# access you want to provide your users when transferring files into and
|
439
583
|
# out of your Amazon S3 bucket or buckets. The IAM role should also
|
440
|
-
# contain a trust relationship that allows the
|
441
|
-
# your resources when servicing your
|
584
|
+
# contain a trust relationship that allows the file transfer
|
585
|
+
# protocol-enabled server to access your resources when servicing your
|
586
|
+
# users' transfer requests.
|
442
587
|
#
|
443
588
|
# @option params [required, String] :server_id
|
444
|
-
# A system-assigned unique identifier for
|
445
|
-
# is the specific
|
589
|
+
# A system-assigned unique identifier for a file transfer
|
590
|
+
# protocol-enabled server instance. This is the specific server that you
|
591
|
+
# added your user to.
|
446
592
|
#
|
447
593
|
# @option params [String] :ssh_public_key_body
|
448
594
|
# The public portion of the Secure Shell (SSH) key used to authenticate
|
449
|
-
# the user to the
|
595
|
+
# the user to the file transfer protocol-enabled server.
|
450
596
|
#
|
451
597
|
# @option params [Array<Types::Tag>] :tags
|
452
598
|
# Key-value pairs that can be used to group and search for users. Tags
|
453
599
|
# are metadata attached to users for any purpose.
|
454
600
|
#
|
455
601
|
# @option params [required, String] :user_name
|
456
|
-
# A unique string that identifies a user and is associated with a
|
457
|
-
# as specified by the `ServerId`. This
|
458
|
-
# and a maximum of 32 characters long.
|
459
|
-
# characters: a-z, A-Z, 0-9, underscore, and
|
460
|
-
# can't start with a hyphen.
|
602
|
+
# A unique string that identifies a user and is associated with a file
|
603
|
+
# transfer protocol-enabled server as specified by the `ServerId`. This
|
604
|
+
# user name must be a minimum of 3 and a maximum of 32 characters long.
|
605
|
+
# The following are valid characters: a-z, A-Z, 0-9, underscore, and
|
606
|
+
# hyphen. The user name can't start with a hyphen.
|
461
607
|
#
|
462
608
|
# @return [Types::CreateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
463
609
|
#
|
@@ -502,13 +648,13 @@ module Aws::Transfer
|
|
502
648
|
req.send_request(options)
|
503
649
|
end
|
504
650
|
|
505
|
-
# Deletes the
|
506
|
-
# specify.
|
651
|
+
# Deletes the file transfer protocol-enabled server that you specify.
|
507
652
|
#
|
508
653
|
# No response returns from this operation.
|
509
654
|
#
|
510
655
|
# @option params [required, String] :server_id
|
511
|
-
# A unique system-assigned identifier for
|
656
|
+
# A unique system-assigned identifier for a file transfer
|
657
|
+
# protocol-enabled server instance.
|
512
658
|
#
|
513
659
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
514
660
|
#
|
@@ -532,8 +678,8 @@ module Aws::Transfer
|
|
532
678
|
# No response is returned from this operation.
|
533
679
|
#
|
534
680
|
# @option params [required, String] :server_id
|
535
|
-
# A system-assigned unique identifier for a
|
536
|
-
#
|
681
|
+
# A system-assigned unique identifier for a file transfer
|
682
|
+
# protocol-enabled server instance that has the user assigned to it.
|
537
683
|
#
|
538
684
|
# @option params [required, String] :ssh_public_key_id
|
539
685
|
# A unique identifier used to reference your user's specific SSH key.
|
@@ -561,7 +707,8 @@ module Aws::Transfer
|
|
561
707
|
req.send_request(options)
|
562
708
|
end
|
563
709
|
|
564
|
-
# Deletes the user belonging to
|
710
|
+
# Deletes the user belonging to a file transfer protocol-enabled server
|
711
|
+
# you specify.
|
565
712
|
#
|
566
713
|
# No response returns from this operation.
|
567
714
|
#
|
@@ -570,12 +717,12 @@ module Aws::Transfer
|
|
570
717
|
# </note>
|
571
718
|
#
|
572
719
|
# @option params [required, String] :server_id
|
573
|
-
# A system-assigned unique identifier for
|
574
|
-
# has the user assigned to it.
|
720
|
+
# A system-assigned unique identifier for a file transfer
|
721
|
+
# protocol-enabled server instance that has the user assigned to it.
|
575
722
|
#
|
576
723
|
# @option params [required, String] :user_name
|
577
|
-
# A unique string that identifies a user that is being deleted from
|
578
|
-
# server.
|
724
|
+
# A unique string that identifies a user that is being deleted from a
|
725
|
+
# file transfer protocol-enabled server.
|
579
726
|
#
|
580
727
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
581
728
|
#
|
@@ -595,15 +742,16 @@ module Aws::Transfer
|
|
595
742
|
req.send_request(options)
|
596
743
|
end
|
597
744
|
|
598
|
-
# Describes
|
599
|
-
# parameter.
|
745
|
+
# Describes a file transfer protocol-enabled server that you specify by
|
746
|
+
# passing the `ServerId` parameter.
|
600
747
|
#
|
601
|
-
# The response contains a description of
|
748
|
+
# The response contains a description of a server's properties. When
|
602
749
|
# you set `EndpointType` to VPC, the response will contain the
|
603
750
|
# `EndpointDetails`.
|
604
751
|
#
|
605
752
|
# @option params [required, String] :server_id
|
606
|
-
# A system-assigned unique identifier for
|
753
|
+
# A system-assigned unique identifier for a file transfer
|
754
|
+
# protocol-enabled server.
|
607
755
|
#
|
608
756
|
# @return [Types::DescribeServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
609
757
|
#
|
@@ -618,6 +766,7 @@ module Aws::Transfer
|
|
618
766
|
# @example Response structure
|
619
767
|
#
|
620
768
|
# resp.server.arn #=> String
|
769
|
+
# resp.server.certificate #=> String
|
621
770
|
# resp.server.endpoint_details.address_allocation_ids #=> Array
|
622
771
|
# resp.server.endpoint_details.address_allocation_ids[0] #=> String
|
623
772
|
# resp.server.endpoint_details.subnet_ids #=> Array
|
@@ -630,6 +779,8 @@ module Aws::Transfer
|
|
630
779
|
# resp.server.identity_provider_details.invocation_role #=> String
|
631
780
|
# resp.server.identity_provider_type #=> String, one of "SERVICE_MANAGED", "API_GATEWAY"
|
632
781
|
# resp.server.logging_role #=> String
|
782
|
+
# resp.server.protocols #=> Array
|
783
|
+
# resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS"
|
633
784
|
# resp.server.server_id #=> String
|
634
785
|
# resp.server.state #=> String, one of "OFFLINE", "ONLINE", "STARTING", "STOPPING", "START_FAILED", "STOP_FAILED"
|
635
786
|
# resp.server.tags #=> Array
|
@@ -646,20 +797,21 @@ module Aws::Transfer
|
|
646
797
|
req.send_request(options)
|
647
798
|
end
|
648
799
|
|
649
|
-
# Describes the user assigned to
|
650
|
-
# `ServerId` property.
|
800
|
+
# Describes the user assigned to the specific file transfer
|
801
|
+
# protocol-enabled server, as identified by its `ServerId` property.
|
651
802
|
#
|
652
803
|
# The response from this call returns the properties of the user
|
653
804
|
# associated with the `ServerId` value that was specified.
|
654
805
|
#
|
655
806
|
# @option params [required, String] :server_id
|
656
|
-
# A system-assigned unique identifier for
|
657
|
-
# user assigned.
|
807
|
+
# A system-assigned unique identifier for a file transfer
|
808
|
+
# protocol-enabled server that has this user assigned.
|
658
809
|
#
|
659
810
|
# @option params [required, String] :user_name
|
660
|
-
# The name of the user assigned to one or more
|
661
|
-
# part of the sign-in
|
662
|
-
# service and perform file
|
811
|
+
# The name of the user assigned to one or more file transfer
|
812
|
+
# protocol-enabled servers. User names are part of the sign-in
|
813
|
+
# credentials to use the AWS Transfer Family service and perform file
|
814
|
+
# transfer tasks.
|
663
815
|
#
|
664
816
|
# @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
665
817
|
#
|
@@ -703,20 +855,22 @@ module Aws::Transfer
|
|
703
855
|
end
|
704
856
|
|
705
857
|
# Adds a Secure Shell (SSH) public key to a user account identified by a
|
706
|
-
# `UserName` value assigned to
|
707
|
-
# `ServerId`.
|
858
|
+
# `UserName` value assigned to the specific file transfer
|
859
|
+
# protocol-enabled server, identified by `ServerId`.
|
708
860
|
#
|
709
861
|
# The response returns the `UserName` value, the `ServerId` value, and
|
710
862
|
# the name of the `SshPublicKeyId`.
|
711
863
|
#
|
712
864
|
# @option params [required, String] :server_id
|
713
|
-
# A system-assigned unique identifier for
|
865
|
+
# A system-assigned unique identifier for a file transfer
|
866
|
+
# protocol-enabled server.
|
714
867
|
#
|
715
868
|
# @option params [required, String] :ssh_public_key_body
|
716
869
|
# The public key portion of an SSH key pair.
|
717
870
|
#
|
718
871
|
# @option params [required, String] :user_name
|
719
|
-
# The name of the user account that is assigned to one or more
|
872
|
+
# The name of the user account that is assigned to one or more file
|
873
|
+
# transfer protocol-enabled servers.
|
720
874
|
#
|
721
875
|
# @return [Types::ImportSshPublicKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
722
876
|
#
|
@@ -747,24 +901,26 @@ module Aws::Transfer
|
|
747
901
|
req.send_request(options)
|
748
902
|
end
|
749
903
|
|
750
|
-
# Lists the
|
751
|
-
#
|
904
|
+
# Lists the file transfer protocol-enabled servers that are associated
|
905
|
+
# with your AWS account.
|
752
906
|
#
|
753
907
|
# @option params [Integer] :max_results
|
754
|
-
# Specifies the number of
|
755
|
-
# `ListServers` query.
|
908
|
+
# Specifies the number of file transfer protocol-enabled servers to
|
909
|
+
# return as a response to the `ListServers` query.
|
756
910
|
#
|
757
911
|
# @option params [String] :next_token
|
758
|
-
# When additional results are obtained from the
|
912
|
+
# When additional results are obtained from the`ListServers` command, a
|
759
913
|
# `NextToken` parameter is returned in the output. You can then pass the
|
760
914
|
# `NextToken` parameter in a subsequent command to continue listing
|
761
|
-
# additional servers.
|
915
|
+
# additional file transfer protocol-enabled servers.
|
762
916
|
#
|
763
917
|
# @return [Types::ListServersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
764
918
|
#
|
765
919
|
# * {Types::ListServersResponse#next_token #next_token} => String
|
766
920
|
# * {Types::ListServersResponse#servers #servers} => Array<Types::ListedServer>
|
767
921
|
#
|
922
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
923
|
+
#
|
768
924
|
# @example Request syntax with placeholder values
|
769
925
|
#
|
770
926
|
# resp = client.list_servers({
|
@@ -817,6 +973,8 @@ module Aws::Transfer
|
|
817
973
|
# * {Types::ListTagsForResourceResponse#next_token #next_token} => String
|
818
974
|
# * {Types::ListTagsForResourceResponse#tags #tags} => Array<Types::Tag>
|
819
975
|
#
|
976
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
977
|
+
#
|
820
978
|
# @example Request syntax with placeholder values
|
821
979
|
#
|
822
980
|
# resp = client.list_tags_for_resource({
|
@@ -842,8 +1000,8 @@ module Aws::Transfer
|
|
842
1000
|
req.send_request(options)
|
843
1001
|
end
|
844
1002
|
|
845
|
-
# Lists the users for
|
846
|
-
# `ServerId` parameter.
|
1003
|
+
# Lists the users for a file transfer protocol-enabled server that you
|
1004
|
+
# specify by passing the `ServerId` parameter.
|
847
1005
|
#
|
848
1006
|
# @option params [Integer] :max_results
|
849
1007
|
# Specifies the number of users to return as a response to the
|
@@ -856,8 +1014,8 @@ module Aws::Transfer
|
|
856
1014
|
# additional users.
|
857
1015
|
#
|
858
1016
|
# @option params [required, String] :server_id
|
859
|
-
# A system-assigned unique identifier for a
|
860
|
-
#
|
1017
|
+
# A system-assigned unique identifier for a file transfer
|
1018
|
+
# protocol-enabled server that has users assigned to it.
|
861
1019
|
#
|
862
1020
|
# @return [Types::ListUsersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
863
1021
|
#
|
@@ -865,6 +1023,8 @@ module Aws::Transfer
|
|
865
1023
|
# * {Types::ListUsersResponse#server_id #server_id} => String
|
866
1024
|
# * {Types::ListUsersResponse#users #users} => Array<Types::ListedUser>
|
867
1025
|
#
|
1026
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1027
|
+
#
|
868
1028
|
# @example Request syntax with placeholder values
|
869
1029
|
#
|
870
1030
|
# resp = client.list_users({
|
@@ -894,10 +1054,10 @@ module Aws::Transfer
|
|
894
1054
|
req.send_request(options)
|
895
1055
|
end
|
896
1056
|
|
897
|
-
# Changes the state of a
|
898
|
-
#
|
899
|
-
#
|
900
|
-
#
|
1057
|
+
# Changes the state of a file transfer protocol-enabled server from
|
1058
|
+
# `OFFLINE` to `ONLINE`. It has no impact on a server that is already
|
1059
|
+
# `ONLINE`. An `ONLINE` server can accept and process file transfer
|
1060
|
+
# jobs.
|
901
1061
|
#
|
902
1062
|
# The state of `STARTING` indicates that the server is in an
|
903
1063
|
# intermediate state, either not fully able to respond, or not fully
|
@@ -906,7 +1066,8 @@ module Aws::Transfer
|
|
906
1066
|
# No response is returned from this call.
|
907
1067
|
#
|
908
1068
|
# @option params [required, String] :server_id
|
909
|
-
# A system-assigned unique identifier for
|
1069
|
+
# A system-assigned unique identifier for a file transfer
|
1070
|
+
# protocol-enabled server that you start.
|
910
1071
|
#
|
911
1072
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
912
1073
|
#
|
@@ -925,12 +1086,12 @@ module Aws::Transfer
|
|
925
1086
|
req.send_request(options)
|
926
1087
|
end
|
927
1088
|
|
928
|
-
# Changes the state of
|
929
|
-
# `OFFLINE` server cannot accept and process
|
930
|
-
# Information tied to your server such as server
|
931
|
-
# not affected by stopping your server.
|
932
|
-
# reduce or impact your
|
933
|
-
# billing.
|
1089
|
+
# Changes the state of a file transfer protocol-enabled server from
|
1090
|
+
# `ONLINE` to `OFFLINE`. An `OFFLINE` server cannot accept and process
|
1091
|
+
# file transfer jobs. Information tied to your server, such as server
|
1092
|
+
# and user properties, are not affected by stopping your server.
|
1093
|
+
# Stopping the server will not reduce or impact your file transfer
|
1094
|
+
# protocol endpoint billing.
|
934
1095
|
#
|
935
1096
|
# The state of `STOPPING` indicates that the server is in an
|
936
1097
|
# intermediate state, either not fully able to respond, or not fully
|
@@ -939,8 +1100,8 @@ module Aws::Transfer
|
|
939
1100
|
# No response is returned from this call.
|
940
1101
|
#
|
941
1102
|
# @option params [required, String] :server_id
|
942
|
-
# A system-assigned unique identifier for
|
943
|
-
# stopped.
|
1103
|
+
# A system-assigned unique identifier for a file transfer
|
1104
|
+
# protocol-enabled server that you stopped.
|
944
1105
|
#
|
945
1106
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
946
1107
|
#
|
@@ -997,19 +1158,34 @@ module Aws::Transfer
|
|
997
1158
|
req.send_request(options)
|
998
1159
|
end
|
999
1160
|
|
1000
|
-
# If the `IdentityProviderType` of
|
1001
|
-
# whether your API Gateway is set up
|
1002
|
-
# that you call this operation to test
|
1003
|
-
# soon as you create your server. By doing
|
1004
|
-
# issues with the API Gateway integration to
|
1005
|
-
# successfully use the service.
|
1161
|
+
# If the `IdentityProviderType` of a file transfer protocol-enabled
|
1162
|
+
# server is `API_Gateway`, tests whether your API Gateway is set up
|
1163
|
+
# successfully. We highly recommend that you call this operation to test
|
1164
|
+
# your authentication method as soon as you create your server. By doing
|
1165
|
+
# so, you can troubleshoot issues with the API Gateway integration to
|
1166
|
+
# ensure that your users can successfully use the service.
|
1006
1167
|
#
|
1007
1168
|
# @option params [required, String] :server_id
|
1008
|
-
# A system-assigned identifier for a specific
|
1009
|
-
#
|
1169
|
+
# A system-assigned identifier for a specific file transfer
|
1170
|
+
# protocol-enabled server. That server's user authentication method is
|
1171
|
+
# tested with a user name and password.
|
1172
|
+
#
|
1173
|
+
# @option params [String] :server_protocol
|
1174
|
+
# The type of file transfer protocol to be tested.
|
1175
|
+
#
|
1176
|
+
# The available protocols are:
|
1177
|
+
#
|
1178
|
+
# * Secure Shell (SSH) File Transfer Protocol (SFTP)
|
1179
|
+
#
|
1180
|
+
# * File Transfer Protocol Secure (FTPS)
|
1181
|
+
#
|
1182
|
+
# * File Transfer Protocol (FTP)
|
1183
|
+
#
|
1184
|
+
# @option params [String] :source_ip
|
1185
|
+
# The source IP address of the user account to be tested.
|
1010
1186
|
#
|
1011
1187
|
# @option params [required, String] :user_name
|
1012
|
-
#
|
1188
|
+
# The name of the user account to be tested.
|
1013
1189
|
#
|
1014
1190
|
# @option params [String] :user_password
|
1015
1191
|
# The password of the user account to be tested.
|
@@ -1025,6 +1201,8 @@ module Aws::Transfer
|
|
1025
1201
|
#
|
1026
1202
|
# resp = client.test_identity_provider({
|
1027
1203
|
# server_id: "ServerId", # required
|
1204
|
+
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1205
|
+
# source_ip: "SourceIp",
|
1028
1206
|
# user_name: "UserName", # required
|
1029
1207
|
# user_password: "UserPassword",
|
1030
1208
|
# })
|
@@ -1052,9 +1230,9 @@ module Aws::Transfer
|
|
1052
1230
|
# No response is returned from this call.
|
1053
1231
|
#
|
1054
1232
|
# @option params [required, String] :arn
|
1055
|
-
#
|
1056
|
-
#
|
1057
|
-
#
|
1233
|
+
# The value of the resource that will have the tag removed. An Amazon
|
1234
|
+
# Resource Name (ARN) is an identifier for a specific AWS resource, such
|
1235
|
+
# as a server, user, or role.
|
1058
1236
|
#
|
1059
1237
|
# @option params [required, Array<String>] :tag_keys
|
1060
1238
|
# TagKeys are key-value pairs assigned to ARNs that can be used to group
|
@@ -1079,48 +1257,130 @@ module Aws::Transfer
|
|
1079
1257
|
req.send_request(options)
|
1080
1258
|
end
|
1081
1259
|
|
1082
|
-
# Updates the
|
1260
|
+
# Updates the file transfer protocol-enabled server's properties after
|
1261
|
+
# that server has been created.
|
1262
|
+
#
|
1263
|
+
# The `UpdateServer` call returns the `ServerId` of the server you
|
1264
|
+
# updated.
|
1265
|
+
#
|
1266
|
+
# @option params [String] :certificate
|
1267
|
+
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
1268
|
+
# certificate. Required when `Protocols` is set to `FTPS`.
|
1269
|
+
#
|
1270
|
+
# To request a new public certificate, see [Request a public
|
1271
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
1272
|
+
#
|
1273
|
+
# To import an existing certificate into ACM, see [Importing
|
1274
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
1275
|
+
# Guide</i>.
|
1276
|
+
#
|
1277
|
+
# To request a private certificate to use FTPS through private IP
|
1278
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
1279
|
+
# Certificate Manager User Guide</i>.
|
1280
|
+
#
|
1281
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
1282
|
+
# are supported:
|
1283
|
+
#
|
1284
|
+
# * 2048-bit RSA (RSA\_2048)
|
1285
|
+
#
|
1286
|
+
# * 4096-bit RSA (RSA\_4096)
|
1287
|
+
#
|
1288
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
1289
|
+
#
|
1290
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
1291
|
+
#
|
1292
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
1293
|
+
#
|
1294
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
1295
|
+
# with FQDN or IP address specified and information about the issuer.
|
1296
|
+
#
|
1297
|
+
# </note>
|
1083
1298
|
#
|
1084
|
-
#
|
1085
|
-
#
|
1299
|
+
#
|
1300
|
+
#
|
1301
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
1302
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1303
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1086
1304
|
#
|
1087
1305
|
# @option params [Types::EndpointDetails] :endpoint_details
|
1088
1306
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
1089
|
-
# for your
|
1090
|
-
# your
|
1091
|
-
# incoming internet traffic, you will need to associate
|
1092
|
-
# Elastic IP addresses with your server's endpoint.
|
1307
|
+
# for your file transfer protocol-enabled server. With a VPC endpoint,
|
1308
|
+
# you can restrict access to your server to resources only within your
|
1309
|
+
# VPC. To control incoming internet traffic, you will need to associate
|
1310
|
+
# one or more Elastic IP addresses with your server's endpoint.
|
1093
1311
|
#
|
1094
1312
|
# @option params [String] :endpoint_type
|
1095
|
-
# The type of endpoint that you want your
|
1096
|
-
# can choose to connect to the public internet
|
1097
|
-
#
|
1098
|
-
#
|
1313
|
+
# The type of endpoint that you want your file transfer protocol-enabled
|
1314
|
+
# server to connect to. You can choose to connect to the public internet
|
1315
|
+
# or a VPC endpoint. With a VPC endpoint, you can restrict access to
|
1316
|
+
# your server and resources only within your VPC.
|
1317
|
+
#
|
1318
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
1319
|
+
# endpoint type, you have the option to directly associate up to three
|
1320
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
1321
|
+
# and use VPC security groups to restrict traffic by the client's
|
1322
|
+
# public IP address. This is not possible with `EndpointType` set to
|
1323
|
+
# `VPC_ENDPOINT`.
|
1324
|
+
#
|
1325
|
+
# </note>
|
1099
1326
|
#
|
1100
1327
|
# @option params [String] :host_key
|
1101
|
-
# The RSA private key as generated by `ssh-keygen -N "" -f
|
1328
|
+
# The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
|
1102
1329
|
# my-new-server-key`.
|
1103
1330
|
#
|
1104
1331
|
# If you aren't planning to migrate existing users from an existing
|
1105
|
-
#
|
1106
|
-
# Accidentally changing a server's host key can be
|
1332
|
+
# file transfer protocol-enabled server to a new server, don't update
|
1333
|
+
# the host key. Accidentally changing a server's host key can be
|
1334
|
+
# disruptive.
|
1335
|
+
#
|
1336
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
1337
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
1107
1338
|
#
|
1108
|
-
#
|
1109
|
-
#
|
1110
|
-
#
|
1339
|
+
#
|
1340
|
+
#
|
1341
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
1111
1342
|
#
|
1112
1343
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
1113
|
-
#
|
1114
|
-
#
|
1344
|
+
# An array containing all of the information required to call a
|
1345
|
+
# customer's authentication API method.
|
1115
1346
|
#
|
1116
1347
|
# @option params [String] :logging_role
|
1117
|
-
#
|
1118
|
-
#
|
1119
|
-
#
|
1348
|
+
# Changes the AWS Identity and Access Management (IAM) role that allows
|
1349
|
+
# Amazon S3 events to be logged in Amazon CloudWatch, turning logging on
|
1350
|
+
# or off.
|
1351
|
+
#
|
1352
|
+
# @option params [Array<String>] :protocols
|
1353
|
+
# Specifies the file transfer protocol or protocols over which your file
|
1354
|
+
# transfer protocol client can connect to your server's endpoint. The
|
1355
|
+
# available protocols are:
|
1356
|
+
#
|
1357
|
+
# * Secure Shell (SSH) File Transfer Protocol (SFTP): File transfer over
|
1358
|
+
# SSH
|
1359
|
+
#
|
1360
|
+
# * File Transfer Protocol Secure (FTPS): File transfer with TLS
|
1361
|
+
# encryption
|
1362
|
+
#
|
1363
|
+
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
1364
|
+
#
|
1365
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
1366
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
1367
|
+
# when clients connect to it over FTPS.
|
1368
|
+
#
|
1369
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
1370
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
1371
|
+
#
|
1372
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
1373
|
+
# associated.
|
1374
|
+
#
|
1375
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
1376
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
1377
|
+
# `SERVICE_MANAGED`.
|
1378
|
+
#
|
1379
|
+
# </note>
|
1120
1380
|
#
|
1121
1381
|
# @option params [required, String] :server_id
|
1122
|
-
# A system-assigned unique identifier for
|
1123
|
-
# the user account is assigned to.
|
1382
|
+
# A system-assigned unique identifier for a file transfer
|
1383
|
+
# protocol-enabled server instance that the user account is assigned to.
|
1124
1384
|
#
|
1125
1385
|
# @return [Types::UpdateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1126
1386
|
#
|
@@ -1129,6 +1389,7 @@ module Aws::Transfer
|
|
1129
1389
|
# @example Request syntax with placeholder values
|
1130
1390
|
#
|
1131
1391
|
# resp = client.update_server({
|
1392
|
+
# certificate: "Certificate",
|
1132
1393
|
# endpoint_details: {
|
1133
1394
|
# address_allocation_ids: ["AddressAllocationId"],
|
1134
1395
|
# subnet_ids: ["SubnetId"],
|
@@ -1142,6 +1403,7 @@ module Aws::Transfer
|
|
1142
1403
|
# invocation_role: "Role",
|
1143
1404
|
# },
|
1144
1405
|
# logging_role: "NullableRole",
|
1406
|
+
# protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
|
1145
1407
|
# server_id: "ServerId", # required
|
1146
1408
|
# })
|
1147
1409
|
#
|
@@ -1166,90 +1428,95 @@ module Aws::Transfer
|
|
1166
1428
|
# user.
|
1167
1429
|
#
|
1168
1430
|
# @option params [String] :home_directory
|
1169
|
-
#
|
1170
|
-
#
|
1431
|
+
# Specifies the landing directory (folder) for a user when they log in
|
1432
|
+
# to the file transfer protocol-enabled server using their file transfer
|
1433
|
+
# protocol client.
|
1171
1434
|
#
|
1172
|
-
# An example is
|
1435
|
+
# An example is `your-Amazon-S3-bucket-name>/home/username`.
|
1173
1436
|
#
|
1174
1437
|
# @option params [String] :home_directory_type
|
1175
1438
|
# The type of landing directory (folder) you want your users' home
|
1176
|
-
# directory to be when they log into the
|
1177
|
-
# `PATH`, the user will see the absolute Amazon
|
1178
|
-
#
|
1179
|
-
#
|
1180
|
-
#
|
1439
|
+
# directory to be when they log into the file transfer protocol-enabled
|
1440
|
+
# server. If you set it to `PATH`, the user will see the absolute Amazon
|
1441
|
+
# S3 bucket paths as is in their file transfer protocol clients. If you
|
1442
|
+
# set it `LOGICAL`, you will need to provide mappings in the
|
1443
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 paths
|
1444
|
+
# visible to your users.
|
1181
1445
|
#
|
1182
1446
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
1183
|
-
# Logical directory mappings that specify what S3 paths and keys
|
1184
|
-
# be visible to your user and how you want to make them visible.
|
1185
|
-
# will need to specify the "`Entry`" and "`Target`" pair, where
|
1447
|
+
# Logical directory mappings that specify what Amazon S3 paths and keys
|
1448
|
+
# should be visible to your user and how you want to make them visible.
|
1449
|
+
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
1186
1450
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
1187
|
-
# S3 path. If you only specify a target, it will be displayed as
|
1188
|
-
# will need to also make sure that your
|
1189
|
-
# paths in `Target`. The following is an example.
|
1451
|
+
# Amazon S3 path. If you only specify a target, it will be displayed as
|
1452
|
+
# is. You will need to also make sure that your IAM role provides access
|
1453
|
+
# to paths in `Target`. The following is an example.
|
1190
1454
|
#
|
1191
1455
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
1192
1456
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
1193
1457
|
# ]'`
|
1194
1458
|
#
|
1195
|
-
# In most cases, you can use this value instead of the scope
|
1459
|
+
# In most cases, you can use this value instead of the scope-down policy
|
1196
1460
|
# to lock your user down to the designated home directory ("chroot").
|
1197
1461
|
# To do this, you can set `Entry` to '/' and set `Target` to the
|
1198
1462
|
# HomeDirectory parameter value.
|
1199
1463
|
#
|
1200
|
-
# <note markdown="1"> If the target of a logical directory entry does not exist in
|
1201
|
-
# entry will be ignored. As a workaround, you can use the
|
1202
|
-
# create 0 byte objects as place holders for your directory.
|
1203
|
-
# the CLI, use the s3api call instead of s3 so you can use
|
1204
|
-
# put-object operation. For example, you use the following: `aws
|
1205
|
-
# put-object --bucket bucketname --key path/to/folder/`. Make sure
|
1206
|
-
# the end of the key name ends in a / for it to be considered a
|
1464
|
+
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
|
1465
|
+
# S3, the entry will be ignored. As a workaround, you can use the Amazon
|
1466
|
+
# S3 api to create 0 byte objects as place holders for your directory.
|
1467
|
+
# If using the CLI, use the `s3api` call instead of `s3` so you can use
|
1468
|
+
# the put-object operation. For example, you use the following: `aws
|
1469
|
+
# s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
|
1470
|
+
# that the end of the key name ends in a / for it to be considered a
|
1471
|
+
# folder.
|
1207
1472
|
#
|
1208
1473
|
# </note>
|
1209
1474
|
#
|
1210
1475
|
# @option params [String] :policy
|
1211
1476
|
# Allows you to supply a scope-down policy for your user so you can use
|
1212
|
-
# the same
|
1213
|
-
#
|
1214
|
-
#
|
1215
|
-
# `$\{Transfer:
|
1216
|
-
# `$\{Transfer:HomeBucket\}`.
|
1477
|
+
# the same IAM role across multiple users. The policy scopes down user
|
1478
|
+
# access to portions of your Amazon S3 bucket. Variables you can use
|
1479
|
+
# inside this policy include `$\{Transfer:UserName\}`,
|
1480
|
+
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
1217
1481
|
#
|
1218
|
-
# <note markdown="1"> For scope-down policies, AWS Transfer
|
1482
|
+
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
1219
1483
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
1220
1484
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
1221
1485
|
# argument.
|
1222
1486
|
#
|
1223
|
-
# For an example of a scope-down policy, see
|
1224
|
-
#
|
1225
|
-
# a Scope-Down Policy.
|
1487
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
1488
|
+
# policy][1].
|
1226
1489
|
#
|
1227
|
-
# For more information, see
|
1228
|
-
#
|
1229
|
-
# in the *AWS Security Token Service API Reference*.
|
1490
|
+
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
1491
|
+
# Service API Reference*.
|
1230
1492
|
#
|
1231
1493
|
# </note>
|
1232
1494
|
#
|
1495
|
+
#
|
1496
|
+
#
|
1497
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
|
1498
|
+
# [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
|
1499
|
+
#
|
1233
1500
|
# @option params [String] :role
|
1234
|
-
# The IAM role that controls your
|
1501
|
+
# The IAM role that controls your users' access to your Amazon S3
|
1235
1502
|
# bucket. The policies attached to this role will determine the level of
|
1236
1503
|
# access you want to provide your users when transferring files into and
|
1237
1504
|
# out of your Amazon S3 bucket or buckets. The IAM role should also
|
1238
|
-
# contain a trust relationship that allows the
|
1239
|
-
#
|
1240
|
-
#
|
1505
|
+
# contain a trust relationship that allows the file transfer
|
1506
|
+
# protocol-enabled server to access your resources when servicing your
|
1507
|
+
# users' transfer requests.
|
1241
1508
|
#
|
1242
1509
|
# @option params [required, String] :server_id
|
1243
|
-
# A system-assigned unique identifier for
|
1244
|
-
# the user account is assigned to.
|
1510
|
+
# A system-assigned unique identifier for a file transfer
|
1511
|
+
# protocol-enabled server instance that the user account is assigned to.
|
1245
1512
|
#
|
1246
1513
|
# @option params [required, String] :user_name
|
1247
|
-
# A unique string that identifies a user and is associated with a
|
1248
|
-
# as specified by the `ServerId`. This
|
1249
|
-
# by your user when they log in to your
|
1250
|
-
# minimum of 3 and a maximum of 32
|
1251
|
-
# valid characters: a-z, A-Z, 0-9,
|
1252
|
-
# can't start with a hyphen.
|
1514
|
+
# A unique string that identifies a user and is associated with a file
|
1515
|
+
# transfer protocol-enabled server as specified by the `ServerId`. This
|
1516
|
+
# is the string that will be used by your user when they log in to your
|
1517
|
+
# server. This user name is a minimum of 3 and a maximum of 32
|
1518
|
+
# characters long. The following are valid characters: a-z, A-Z, 0-9,
|
1519
|
+
# underscore, and hyphen. The user name can't start with a hyphen.
|
1253
1520
|
#
|
1254
1521
|
# @return [Types::UpdateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1255
1522
|
#
|
@@ -1300,7 +1567,7 @@ module Aws::Transfer
|
|
1300
1567
|
params: params,
|
1301
1568
|
config: config)
|
1302
1569
|
context[:gem_name] = 'aws-sdk-transfer'
|
1303
|
-
context[:gem_version] = '1.
|
1570
|
+
context[:gem_version] = '1.21.0'
|
1304
1571
|
Seahorse::Client::Request.new(handlers, context)
|
1305
1572
|
end
|
1306
1573
|
|