aws-sdk-transfer 1.17.0 → 1.22.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-transfer.rb +4 -4
- data/lib/aws-sdk-transfer/client.rb +431 -217
- data/lib/aws-sdk-transfer/client_api.rb +23 -1
- data/lib/aws-sdk-transfer/errors.rb +16 -0
- data/lib/aws-sdk-transfer/resource.rb +1 -7
- data/lib/aws-sdk-transfer/types.rb +625 -354
- metadata +8 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b4db4a56c0a0adf16002ad4b1fe63dfadfc49c44cd8db6acd43ee52bd1543bed
|
4
|
+
data.tar.gz: 49de814671006e70ac823c3f731546299fcc590330fcb5320eed112a9c1e5fe2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ea931e340d96e0b27b286dd0dea466d868dbb2ce53f0952f40004a9b51d8c9bbb2b64a6a84a784af14dc694db5e68d21b4749704260e36629c582e48205e9508
|
7
|
+
data.tar.gz: f68f4e8ebe6d2dd04c6aeb180665498fa1980723e0d6988fb9b8a3971bc603375726422e431ed79388b47aa9c80c69854b5da22c8481b8e1b1f919af30f17e5a
|
data/lib/aws-sdk-transfer.rb
CHANGED
@@ -15,7 +15,7 @@ require_relative 'aws-sdk-transfer/errors'
|
|
15
15
|
require_relative 'aws-sdk-transfer/resource'
|
16
16
|
require_relative 'aws-sdk-transfer/customizations'
|
17
17
|
|
18
|
-
# This module provides support for AWS Transfer
|
18
|
+
# This module provides support for AWS Transfer Family. This module is available in the
|
19
19
|
# `aws-sdk-transfer` gem.
|
20
20
|
#
|
21
21
|
# # Client
|
@@ -31,13 +31,13 @@ require_relative 'aws-sdk-transfer/customizations'
|
|
31
31
|
#
|
32
32
|
# # Errors
|
33
33
|
#
|
34
|
-
# Errors returned from AWS Transfer
|
34
|
+
# Errors returned from AWS Transfer Family are defined in the
|
35
35
|
# {Errors} module and all extend {Errors::ServiceError}.
|
36
36
|
#
|
37
37
|
# begin
|
38
38
|
# # do stuff
|
39
39
|
# rescue Aws::Transfer::Errors::ServiceError
|
40
|
-
# # rescues all AWS Transfer
|
40
|
+
# # rescues all AWS Transfer Family API errors
|
41
41
|
# end
|
42
42
|
#
|
43
43
|
# See {Errors} for more information.
|
@@ -45,6 +45,6 @@ require_relative 'aws-sdk-transfer/customizations'
|
|
45
45
|
# @service
|
46
46
|
module Aws::Transfer
|
47
47
|
|
48
|
-
GEM_VERSION = '1.
|
48
|
+
GEM_VERSION = '1.22.1'
|
49
49
|
|
50
50
|
end
|
@@ -24,6 +24,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
24
24
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
25
25
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
26
26
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
27
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
27
28
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
28
29
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
29
30
|
|
@@ -69,6 +70,7 @@ module Aws::Transfer
|
|
69
70
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
70
71
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
71
72
|
add_plugin(Aws::Plugins::TransferEncoding)
|
73
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
72
74
|
add_plugin(Aws::Plugins::SignatureV4)
|
73
75
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
74
76
|
|
@@ -105,7 +107,7 @@ module Aws::Transfer
|
|
105
107
|
# @option options [required, String] :region
|
106
108
|
# The AWS region to connect to. The configured `:region` is
|
107
109
|
# used to determine the service `:endpoint`. When not passed,
|
108
|
-
# a default `:region` is
|
110
|
+
# a default `:region` is searched for in the following locations:
|
109
111
|
#
|
110
112
|
# * `Aws.config[:region]`
|
111
113
|
# * `ENV['AWS_REGION']`
|
@@ -161,7 +163,7 @@ module Aws::Transfer
|
|
161
163
|
# @option options [String] :endpoint
|
162
164
|
# The client endpoint is normally constructed from the `:region`
|
163
165
|
# option. You should only configure an `:endpoint` when connecting
|
164
|
-
# to test endpoints. This should be
|
166
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
165
167
|
#
|
166
168
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
167
169
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,7 +178,7 @@ module Aws::Transfer
|
|
176
178
|
# requests fetching endpoints information. Defaults to 60 sec.
|
177
179
|
#
|
178
180
|
# @option options [Boolean] :endpoint_discovery (false)
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
181
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
180
182
|
#
|
181
183
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
182
184
|
# The log formatter.
|
@@ -279,8 +281,7 @@ module Aws::Transfer
|
|
279
281
|
#
|
280
282
|
# @option options [Integer] :http_read_timeout (60) The default
|
281
283
|
# number of seconds to wait for response data. This value can
|
282
|
-
# safely be set
|
283
|
-
# per-request on the session yielded by {#session_for}.
|
284
|
+
# safely be set per-request on the session.
|
284
285
|
#
|
285
286
|
# @option options [Float] :http_idle_timeout (5) The number of
|
286
287
|
# seconds a connection is allowed to sit idle before it is
|
@@ -292,7 +293,7 @@ module Aws::Transfer
|
|
292
293
|
# request body. This option has no effect unless the request has
|
293
294
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
294
295
|
# disables this behaviour. This value can safely be set per
|
295
|
-
# request on the session
|
296
|
+
# request on the session.
|
296
297
|
#
|
297
298
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
298
299
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -319,58 +320,140 @@ module Aws::Transfer
|
|
319
320
|
|
320
321
|
# @!group API Operations
|
321
322
|
|
322
|
-
# Instantiates an autoscaling virtual server based on
|
323
|
-
#
|
324
|
-
# or when you work with users, use the
|
325
|
-
# property that is assigned to the newly
|
323
|
+
# Instantiates an autoscaling virtual server based on the selected file
|
324
|
+
# transfer protocol in AWS. When you make updates to your file transfer
|
325
|
+
# protocol-enabled server or when you work with users, use the
|
326
|
+
# service-generated `ServerId` property that is assigned to the newly
|
327
|
+
# created server.
|
328
|
+
#
|
329
|
+
# @option params [String] :certificate
|
330
|
+
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
331
|
+
# certificate. Required when `Protocols` is set to `FTPS`.
|
332
|
+
#
|
333
|
+
# To request a new public certificate, see [Request a public
|
334
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
335
|
+
#
|
336
|
+
# To import an existing certificate into ACM, see [Importing
|
337
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
338
|
+
# Guide</i>.
|
339
|
+
#
|
340
|
+
# To request a private certificate to use FTPS through private IP
|
341
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
342
|
+
# Certificate Manager User Guide</i>.
|
343
|
+
#
|
344
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
345
|
+
# are supported:
|
346
|
+
#
|
347
|
+
# * 2048-bit RSA (RSA\_2048)
|
348
|
+
#
|
349
|
+
# * 4096-bit RSA (RSA\_4096)
|
350
|
+
#
|
351
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
352
|
+
#
|
353
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
354
|
+
#
|
355
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
356
|
+
#
|
357
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
358
|
+
# with FQDN or IP address specified and information about the issuer.
|
359
|
+
#
|
360
|
+
# </note>
|
361
|
+
#
|
362
|
+
#
|
363
|
+
#
|
364
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
365
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
366
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
326
367
|
#
|
327
368
|
# @option params [Types::EndpointDetails] :endpoint_details
|
328
369
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
329
|
-
# for your
|
330
|
-
# your
|
331
|
-
#
|
332
|
-
#
|
370
|
+
# for your file transfer protocol-enabled server. When you host your
|
371
|
+
# endpoint within your VPC, you can make it accessible only to resources
|
372
|
+
# within your VPC, or you can attach Elastic IPs and make it accessible
|
373
|
+
# to clients over the internet. Your VPC's default security groups are
|
374
|
+
# automatically assigned to your endpoint.
|
333
375
|
#
|
334
376
|
# @option params [String] :endpoint_type
|
335
|
-
# The type of VPC endpoint that you want your
|
336
|
-
#
|
337
|
-
#
|
338
|
-
# your
|
377
|
+
# The type of VPC endpoint that you want your file transfer
|
378
|
+
# protocol-enabled server to connect to. You can choose to connect to
|
379
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
380
|
+
# restrict access to your server and resources only within your VPC.
|
381
|
+
#
|
382
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
383
|
+
# endpoint type, you have the option to directly associate up to three
|
384
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
385
|
+
# and use VPC security groups to restrict traffic by the client's
|
386
|
+
# public IP address. This is not possible with `EndpointType` set to
|
387
|
+
# `VPC_ENDPOINT`.
|
388
|
+
#
|
389
|
+
# </note>
|
339
390
|
#
|
340
391
|
# @option params [String] :host_key
|
341
|
-
# The RSA private key as generated by the `ssh-keygen -N "" -f
|
392
|
+
# The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
|
342
393
|
# my-new-server-key` command.
|
343
394
|
#
|
344
395
|
# If you aren't planning to migrate existing users from an existing
|
345
|
-
# SFTP server to a new
|
396
|
+
# SFTP-enabled server to a new server, don't update the host key.
|
346
397
|
# Accidentally changing a server's host key can be disruptive.
|
347
398
|
#
|
348
|
-
# For more information, see
|
349
|
-
#
|
350
|
-
#
|
399
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
400
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
401
|
+
#
|
402
|
+
#
|
403
|
+
#
|
404
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
351
405
|
#
|
352
406
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
353
|
-
#
|
354
|
-
#
|
355
|
-
#
|
356
|
-
#
|
357
|
-
# `IdentityProviderType` is set to `SERVICE_MANAGED`.
|
407
|
+
# Required when `IdentityProviderType` is set to `API_GATEWAY`. Accepts
|
408
|
+
# an array containing all of the information required to call a
|
409
|
+
# customer-supplied authentication API, including the API Gateway URL.
|
410
|
+
# Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`.
|
358
411
|
#
|
359
412
|
# @option params [String] :identity_provider_type
|
360
|
-
# Specifies the mode of authentication for
|
361
|
-
# value is `SERVICE_MANAGED`, which
|
362
|
-
#
|
363
|
-
# `API_GATEWAY` value to integrate with
|
364
|
-
# choosing. The `API_GATEWAY` setting
|
365
|
-
# Gateway endpoint URL to call for
|
366
|
-
# `IdentityProviderDetails` parameter.
|
413
|
+
# Specifies the mode of authentication for a file transfer
|
414
|
+
# protocol-enabled server. The default value is `SERVICE_MANAGED`, which
|
415
|
+
# allows you to store and access user credentials within the AWS
|
416
|
+
# Transfer Family service. Use the `API_GATEWAY` value to integrate with
|
417
|
+
# an identity provider of your choosing. The `API_GATEWAY` setting
|
418
|
+
# requires you to provide an API Gateway endpoint URL to call for
|
419
|
+
# authentication using the `IdentityProviderDetails` parameter.
|
367
420
|
#
|
368
421
|
# @option params [String] :logging_role
|
369
|
-
#
|
370
|
-
#
|
422
|
+
# Allows the service to write your users' activity to your Amazon
|
423
|
+
# CloudWatch logs for monitoring and auditing purposes.
|
424
|
+
#
|
425
|
+
# @option params [Array<String>] :protocols
|
426
|
+
# Specifies the file transfer protocol or protocols over which your file
|
427
|
+
# transfer protocol client can connect to your server's endpoint. The
|
428
|
+
# available protocols are:
|
429
|
+
#
|
430
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
431
|
+
# over SSH
|
432
|
+
#
|
433
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
434
|
+
# encryption
|
435
|
+
#
|
436
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
437
|
+
#
|
438
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
439
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
440
|
+
# when clients connect to it over FTPS.
|
441
|
+
#
|
442
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
443
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
444
|
+
#
|
445
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
446
|
+
# associated.
|
447
|
+
#
|
448
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
449
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
450
|
+
# `SERVICE_MANAGED`.
|
451
|
+
#
|
452
|
+
# </note>
|
371
453
|
#
|
372
454
|
# @option params [Array<Types::Tag>] :tags
|
373
|
-
# Key-value pairs that can be used to group and search for
|
455
|
+
# Key-value pairs that can be used to group and search for file transfer
|
456
|
+
# protocol-enabled servers.
|
374
457
|
#
|
375
458
|
# @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
376
459
|
#
|
@@ -379,6 +462,7 @@ module Aws::Transfer
|
|
379
462
|
# @example Request syntax with placeholder values
|
380
463
|
#
|
381
464
|
# resp = client.create_server({
|
465
|
+
# certificate: "Certificate",
|
382
466
|
# endpoint_details: {
|
383
467
|
# address_allocation_ids: ["AddressAllocationId"],
|
384
468
|
# subnet_ids: ["SubnetId"],
|
@@ -393,6 +477,7 @@ module Aws::Transfer
|
|
393
477
|
# },
|
394
478
|
# identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY
|
395
479
|
# logging_role: "Role",
|
480
|
+
# protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
|
396
481
|
# tags: [
|
397
482
|
# {
|
398
483
|
# key: "TagKey", # required
|
@@ -414,54 +499,57 @@ module Aws::Transfer
|
|
414
499
|
req.send_request(options)
|
415
500
|
end
|
416
501
|
|
417
|
-
# Creates a user and associates them with an existing
|
418
|
-
#
|
419
|
-
#
|
420
|
-
#
|
421
|
-
# the
|
422
|
-
#
|
423
|
-
#
|
424
|
-
#
|
502
|
+
# Creates a user and associates them with an existing file transfer
|
503
|
+
# protocol-enabled server. You can only create and associate users with
|
504
|
+
# servers that have the `IdentityProviderType` set to `SERVICE_MANAGED`.
|
505
|
+
# Using parameters for `CreateUser`, you can specify the user name, set
|
506
|
+
# the home directory, store the user's public key, and assign the
|
507
|
+
# user's AWS Identity and Access Management (IAM) role. You can also
|
508
|
+
# optionally add a scope-down policy, and assign metadata with tags that
|
509
|
+
# can be used to group and search for users.
|
425
510
|
#
|
426
511
|
# @option params [String] :home_directory
|
427
|
-
# The landing directory (folder) for a user when they log in to the
|
428
|
-
# server using
|
512
|
+
# The landing directory (folder) for a user when they log in to the file
|
513
|
+
# transfer protocol-enabled server using the client.
|
429
514
|
#
|
430
|
-
# An example is
|
515
|
+
# An example is <i>
|
516
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
431
517
|
#
|
432
518
|
# @option params [String] :home_directory_type
|
433
519
|
# The type of landing directory (folder) you want your users' home
|
434
|
-
# directory to be when they log into the
|
435
|
-
# `PATH`, the user will see the absolute Amazon
|
436
|
-
#
|
437
|
-
#
|
438
|
-
#
|
520
|
+
# directory to be when they log into the file transfer protocol-enabled
|
521
|
+
# server. If you set it to `PATH`, the user will see the absolute Amazon
|
522
|
+
# S3 bucket paths as is in their file transfer protocol clients. If you
|
523
|
+
# set it `LOGICAL`, you will need to provide mappings in the
|
524
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 paths
|
525
|
+
# visible to your users.
|
439
526
|
#
|
440
527
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
441
|
-
# Logical directory mappings that specify what S3 paths and keys
|
442
|
-
# be visible to your user and how you want to make them visible.
|
443
|
-
# will need to specify the "`Entry`" and "`Target`" pair, where
|
528
|
+
# Logical directory mappings that specify what Amazon S3 paths and keys
|
529
|
+
# should be visible to your user and how you want to make them visible.
|
530
|
+
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
444
531
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
445
|
-
# S3 path. If you only specify a target, it will be displayed as
|
446
|
-
# will need to also make sure that your
|
447
|
-
# paths in `Target`. The following is an example.
|
532
|
+
# Amazon S3 path. If you only specify a target, it will be displayed as
|
533
|
+
# is. You will need to also make sure that your IAM role provides access
|
534
|
+
# to paths in `Target`. The following is an example.
|
448
535
|
#
|
449
536
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
450
537
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
451
538
|
# ]'`
|
452
539
|
#
|
453
|
-
# In most cases, you can use this value instead of the scope
|
540
|
+
# In most cases, you can use this value instead of the scope-down policy
|
454
541
|
# to lock your user down to the designated home directory ("chroot").
|
455
542
|
# To do this, you can set `Entry` to '/' and set `Target` to the
|
456
543
|
# HomeDirectory parameter value.
|
457
544
|
#
|
458
|
-
# <note markdown="1"> If the target of a logical directory entry does not exist in
|
459
|
-
# entry will be ignored. As a workaround, you can use the
|
460
|
-
# create 0 byte objects as place holders for your directory.
|
461
|
-
# the CLI, use the s3api call instead of s3 so you can use
|
462
|
-
# put-object operation. For example, you use the following: `aws
|
463
|
-
# put-object --bucket bucketname --key path/to/folder/`. Make sure
|
464
|
-
# the end of the key name ends in a / for it to be considered a
|
545
|
+
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
|
546
|
+
# S3, the entry will be ignored. As a workaround, you can use the Amazon
|
547
|
+
# S3 api to create 0 byte objects as place holders for your directory.
|
548
|
+
# If using the CLI, use the `s3api` call instead of `s3` so you can use
|
549
|
+
# the put-object operation. For example, you use the following: `aws
|
550
|
+
# s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
|
551
|
+
# that the end of the key name ends in a '/' for it to be considered a
|
552
|
+
# folder.
|
465
553
|
#
|
466
554
|
# </note>
|
467
555
|
#
|
@@ -472,47 +560,52 @@ module Aws::Transfer
|
|
472
560
|
# policy include `$\{Transfer:UserName\}`,
|
473
561
|
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
474
562
|
#
|
475
|
-
# <note markdown="1"> For scope-down policies, AWS Transfer
|
563
|
+
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
476
564
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
477
565
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
478
566
|
# argument.
|
479
567
|
#
|
480
|
-
# For an example of a scope-down policy, see
|
481
|
-
#
|
482
|
-
# a Scope-Down Policy.
|
568
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
569
|
+
# policy][1].
|
483
570
|
#
|
484
|
-
# For more information, see
|
485
|
-
#
|
486
|
-
# in the *AWS Security Token Service API Reference*.
|
571
|
+
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
572
|
+
# Service API Reference*.
|
487
573
|
#
|
488
574
|
# </note>
|
489
575
|
#
|
576
|
+
#
|
577
|
+
#
|
578
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
|
579
|
+
# [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
|
580
|
+
#
|
490
581
|
# @option params [required, String] :role
|
491
|
-
# The IAM role that controls your
|
582
|
+
# The IAM role that controls your users' access to your Amazon S3
|
492
583
|
# bucket. The policies attached to this role will determine the level of
|
493
584
|
# access you want to provide your users when transferring files into and
|
494
585
|
# out of your Amazon S3 bucket or buckets. The IAM role should also
|
495
|
-
# contain a trust relationship that allows the
|
496
|
-
# your resources when servicing your
|
586
|
+
# contain a trust relationship that allows the file transfer
|
587
|
+
# protocol-enabled server to access your resources when servicing your
|
588
|
+
# users' transfer requests.
|
497
589
|
#
|
498
590
|
# @option params [required, String] :server_id
|
499
|
-
# A system-assigned unique identifier for
|
500
|
-
# is the specific
|
591
|
+
# A system-assigned unique identifier for a file transfer
|
592
|
+
# protocol-enabled server instance. This is the specific server that you
|
593
|
+
# added your user to.
|
501
594
|
#
|
502
595
|
# @option params [String] :ssh_public_key_body
|
503
596
|
# The public portion of the Secure Shell (SSH) key used to authenticate
|
504
|
-
# the user to the
|
597
|
+
# the user to the file transfer protocol-enabled server.
|
505
598
|
#
|
506
599
|
# @option params [Array<Types::Tag>] :tags
|
507
600
|
# Key-value pairs that can be used to group and search for users. Tags
|
508
601
|
# are metadata attached to users for any purpose.
|
509
602
|
#
|
510
603
|
# @option params [required, String] :user_name
|
511
|
-
# A unique string that identifies a user and is associated with a
|
512
|
-
# as specified by the `ServerId`. This
|
513
|
-
# and a maximum of 32 characters long.
|
514
|
-
# characters: a-z, A-Z, 0-9, underscore, and
|
515
|
-
# can't start with a hyphen.
|
604
|
+
# A unique string that identifies a user and is associated with a file
|
605
|
+
# transfer protocol-enabled server as specified by the `ServerId`. This
|
606
|
+
# user name must be a minimum of 3 and a maximum of 32 characters long.
|
607
|
+
# The following are valid characters: a-z, A-Z, 0-9, underscore, and
|
608
|
+
# hyphen. The user name can't start with a hyphen.
|
516
609
|
#
|
517
610
|
# @return [Types::CreateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
518
611
|
#
|
@@ -557,13 +650,13 @@ module Aws::Transfer
|
|
557
650
|
req.send_request(options)
|
558
651
|
end
|
559
652
|
|
560
|
-
# Deletes the
|
561
|
-
# specify.
|
653
|
+
# Deletes the file transfer protocol-enabled server that you specify.
|
562
654
|
#
|
563
655
|
# No response returns from this operation.
|
564
656
|
#
|
565
657
|
# @option params [required, String] :server_id
|
566
|
-
# A unique system-assigned identifier for
|
658
|
+
# A unique system-assigned identifier for a file transfer
|
659
|
+
# protocol-enabled server instance.
|
567
660
|
#
|
568
661
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
569
662
|
#
|
@@ -587,8 +680,8 @@ module Aws::Transfer
|
|
587
680
|
# No response is returned from this operation.
|
588
681
|
#
|
589
682
|
# @option params [required, String] :server_id
|
590
|
-
# A system-assigned unique identifier for a
|
591
|
-
#
|
683
|
+
# A system-assigned unique identifier for a file transfer
|
684
|
+
# protocol-enabled server instance that has the user assigned to it.
|
592
685
|
#
|
593
686
|
# @option params [required, String] :ssh_public_key_id
|
594
687
|
# A unique identifier used to reference your user's specific SSH key.
|
@@ -616,7 +709,8 @@ module Aws::Transfer
|
|
616
709
|
req.send_request(options)
|
617
710
|
end
|
618
711
|
|
619
|
-
# Deletes the user belonging to
|
712
|
+
# Deletes the user belonging to a file transfer protocol-enabled server
|
713
|
+
# you specify.
|
620
714
|
#
|
621
715
|
# No response returns from this operation.
|
622
716
|
#
|
@@ -625,12 +719,12 @@ module Aws::Transfer
|
|
625
719
|
# </note>
|
626
720
|
#
|
627
721
|
# @option params [required, String] :server_id
|
628
|
-
# A system-assigned unique identifier for
|
629
|
-
# has the user assigned to it.
|
722
|
+
# A system-assigned unique identifier for a file transfer
|
723
|
+
# protocol-enabled server instance that has the user assigned to it.
|
630
724
|
#
|
631
725
|
# @option params [required, String] :user_name
|
632
|
-
# A unique string that identifies a user that is being deleted from
|
633
|
-
# server.
|
726
|
+
# A unique string that identifies a user that is being deleted from a
|
727
|
+
# file transfer protocol-enabled server.
|
634
728
|
#
|
635
729
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
636
730
|
#
|
@@ -650,15 +744,16 @@ module Aws::Transfer
|
|
650
744
|
req.send_request(options)
|
651
745
|
end
|
652
746
|
|
653
|
-
# Describes
|
654
|
-
# parameter.
|
747
|
+
# Describes a file transfer protocol-enabled server that you specify by
|
748
|
+
# passing the `ServerId` parameter.
|
655
749
|
#
|
656
|
-
# The response contains a description of
|
750
|
+
# The response contains a description of a server's properties. When
|
657
751
|
# you set `EndpointType` to VPC, the response will contain the
|
658
752
|
# `EndpointDetails`.
|
659
753
|
#
|
660
754
|
# @option params [required, String] :server_id
|
661
|
-
# A system-assigned unique identifier for
|
755
|
+
# A system-assigned unique identifier for a file transfer
|
756
|
+
# protocol-enabled server.
|
662
757
|
#
|
663
758
|
# @return [Types::DescribeServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
664
759
|
#
|
@@ -673,6 +768,7 @@ module Aws::Transfer
|
|
673
768
|
# @example Response structure
|
674
769
|
#
|
675
770
|
# resp.server.arn #=> String
|
771
|
+
# resp.server.certificate #=> String
|
676
772
|
# resp.server.endpoint_details.address_allocation_ids #=> Array
|
677
773
|
# resp.server.endpoint_details.address_allocation_ids[0] #=> String
|
678
774
|
# resp.server.endpoint_details.subnet_ids #=> Array
|
@@ -685,6 +781,8 @@ module Aws::Transfer
|
|
685
781
|
# resp.server.identity_provider_details.invocation_role #=> String
|
686
782
|
# resp.server.identity_provider_type #=> String, one of "SERVICE_MANAGED", "API_GATEWAY"
|
687
783
|
# resp.server.logging_role #=> String
|
784
|
+
# resp.server.protocols #=> Array
|
785
|
+
# resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS"
|
688
786
|
# resp.server.server_id #=> String
|
689
787
|
# resp.server.state #=> String, one of "OFFLINE", "ONLINE", "STARTING", "STOPPING", "START_FAILED", "STOP_FAILED"
|
690
788
|
# resp.server.tags #=> Array
|
@@ -701,20 +799,21 @@ module Aws::Transfer
|
|
701
799
|
req.send_request(options)
|
702
800
|
end
|
703
801
|
|
704
|
-
# Describes the user assigned to
|
705
|
-
# `ServerId` property.
|
802
|
+
# Describes the user assigned to the specific file transfer
|
803
|
+
# protocol-enabled server, as identified by its `ServerId` property.
|
706
804
|
#
|
707
805
|
# The response from this call returns the properties of the user
|
708
806
|
# associated with the `ServerId` value that was specified.
|
709
807
|
#
|
710
808
|
# @option params [required, String] :server_id
|
711
|
-
# A system-assigned unique identifier for
|
712
|
-
# user assigned.
|
809
|
+
# A system-assigned unique identifier for a file transfer
|
810
|
+
# protocol-enabled server that has this user assigned.
|
713
811
|
#
|
714
812
|
# @option params [required, String] :user_name
|
715
|
-
# The name of the user assigned to one or more
|
716
|
-
# part of the sign-in
|
717
|
-
# service and perform file
|
813
|
+
# The name of the user assigned to one or more file transfer
|
814
|
+
# protocol-enabled servers. User names are part of the sign-in
|
815
|
+
# credentials to use the AWS Transfer Family service and perform file
|
816
|
+
# transfer tasks.
|
718
817
|
#
|
719
818
|
# @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
720
819
|
#
|
@@ -758,20 +857,22 @@ module Aws::Transfer
|
|
758
857
|
end
|
759
858
|
|
760
859
|
# Adds a Secure Shell (SSH) public key to a user account identified by a
|
761
|
-
# `UserName` value assigned to
|
762
|
-
# `ServerId`.
|
860
|
+
# `UserName` value assigned to the specific file transfer
|
861
|
+
# protocol-enabled server, identified by `ServerId`.
|
763
862
|
#
|
764
863
|
# The response returns the `UserName` value, the `ServerId` value, and
|
765
864
|
# the name of the `SshPublicKeyId`.
|
766
865
|
#
|
767
866
|
# @option params [required, String] :server_id
|
768
|
-
# A system-assigned unique identifier for
|
867
|
+
# A system-assigned unique identifier for a file transfer
|
868
|
+
# protocol-enabled server.
|
769
869
|
#
|
770
870
|
# @option params [required, String] :ssh_public_key_body
|
771
871
|
# The public key portion of an SSH key pair.
|
772
872
|
#
|
773
873
|
# @option params [required, String] :user_name
|
774
|
-
# The name of the user account that is assigned to one or more
|
874
|
+
# The name of the user account that is assigned to one or more file
|
875
|
+
# transfer protocol-enabled servers.
|
775
876
|
#
|
776
877
|
# @return [Types::ImportSshPublicKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
777
878
|
#
|
@@ -802,24 +903,26 @@ module Aws::Transfer
|
|
802
903
|
req.send_request(options)
|
803
904
|
end
|
804
905
|
|
805
|
-
# Lists the
|
806
|
-
#
|
906
|
+
# Lists the file transfer protocol-enabled servers that are associated
|
907
|
+
# with your AWS account.
|
807
908
|
#
|
808
909
|
# @option params [Integer] :max_results
|
809
|
-
# Specifies the number of
|
810
|
-
# `ListServers` query.
|
910
|
+
# Specifies the number of file transfer protocol-enabled servers to
|
911
|
+
# return as a response to the `ListServers` query.
|
811
912
|
#
|
812
913
|
# @option params [String] :next_token
|
813
|
-
# When additional results are obtained from the
|
914
|
+
# When additional results are obtained from the`ListServers` command, a
|
814
915
|
# `NextToken` parameter is returned in the output. You can then pass the
|
815
916
|
# `NextToken` parameter in a subsequent command to continue listing
|
816
|
-
# additional servers.
|
917
|
+
# additional file transfer protocol-enabled servers.
|
817
918
|
#
|
818
919
|
# @return [Types::ListServersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
819
920
|
#
|
820
921
|
# * {Types::ListServersResponse#next_token #next_token} => String
|
821
922
|
# * {Types::ListServersResponse#servers #servers} => Array<Types::ListedServer>
|
822
923
|
#
|
924
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
925
|
+
#
|
823
926
|
# @example Request syntax with placeholder values
|
824
927
|
#
|
825
928
|
# resp = client.list_servers({
|
@@ -872,6 +975,8 @@ module Aws::Transfer
|
|
872
975
|
# * {Types::ListTagsForResourceResponse#next_token #next_token} => String
|
873
976
|
# * {Types::ListTagsForResourceResponse#tags #tags} => Array<Types::Tag>
|
874
977
|
#
|
978
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
979
|
+
#
|
875
980
|
# @example Request syntax with placeholder values
|
876
981
|
#
|
877
982
|
# resp = client.list_tags_for_resource({
|
@@ -897,8 +1002,8 @@ module Aws::Transfer
|
|
897
1002
|
req.send_request(options)
|
898
1003
|
end
|
899
1004
|
|
900
|
-
# Lists the users for
|
901
|
-
# `ServerId` parameter.
|
1005
|
+
# Lists the users for a file transfer protocol-enabled server that you
|
1006
|
+
# specify by passing the `ServerId` parameter.
|
902
1007
|
#
|
903
1008
|
# @option params [Integer] :max_results
|
904
1009
|
# Specifies the number of users to return as a response to the
|
@@ -911,8 +1016,8 @@ module Aws::Transfer
|
|
911
1016
|
# additional users.
|
912
1017
|
#
|
913
1018
|
# @option params [required, String] :server_id
|
914
|
-
# A system-assigned unique identifier for a
|
915
|
-
#
|
1019
|
+
# A system-assigned unique identifier for a file transfer
|
1020
|
+
# protocol-enabled server that has users assigned to it.
|
916
1021
|
#
|
917
1022
|
# @return [Types::ListUsersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
918
1023
|
#
|
@@ -920,6 +1025,8 @@ module Aws::Transfer
|
|
920
1025
|
# * {Types::ListUsersResponse#server_id #server_id} => String
|
921
1026
|
# * {Types::ListUsersResponse#users #users} => Array<Types::ListedUser>
|
922
1027
|
#
|
1028
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1029
|
+
#
|
923
1030
|
# @example Request syntax with placeholder values
|
924
1031
|
#
|
925
1032
|
# resp = client.list_users({
|
@@ -949,10 +1056,10 @@ module Aws::Transfer
|
|
949
1056
|
req.send_request(options)
|
950
1057
|
end
|
951
1058
|
|
952
|
-
# Changes the state of a
|
953
|
-
#
|
954
|
-
#
|
955
|
-
#
|
1059
|
+
# Changes the state of a file transfer protocol-enabled server from
|
1060
|
+
# `OFFLINE` to `ONLINE`. It has no impact on a server that is already
|
1061
|
+
# `ONLINE`. An `ONLINE` server can accept and process file transfer
|
1062
|
+
# jobs.
|
956
1063
|
#
|
957
1064
|
# The state of `STARTING` indicates that the server is in an
|
958
1065
|
# intermediate state, either not fully able to respond, or not fully
|
@@ -961,7 +1068,8 @@ module Aws::Transfer
|
|
961
1068
|
# No response is returned from this call.
|
962
1069
|
#
|
963
1070
|
# @option params [required, String] :server_id
|
964
|
-
# A system-assigned unique identifier for
|
1071
|
+
# A system-assigned unique identifier for a file transfer
|
1072
|
+
# protocol-enabled server that you start.
|
965
1073
|
#
|
966
1074
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
967
1075
|
#
|
@@ -980,12 +1088,12 @@ module Aws::Transfer
|
|
980
1088
|
req.send_request(options)
|
981
1089
|
end
|
982
1090
|
|
983
|
-
# Changes the state of
|
984
|
-
# `OFFLINE` server cannot accept and process
|
985
|
-
# Information tied to your server such as server
|
986
|
-
# not affected by stopping your server.
|
987
|
-
# reduce or impact your
|
988
|
-
# billing.
|
1091
|
+
# Changes the state of a file transfer protocol-enabled server from
|
1092
|
+
# `ONLINE` to `OFFLINE`. An `OFFLINE` server cannot accept and process
|
1093
|
+
# file transfer jobs. Information tied to your server, such as server
|
1094
|
+
# and user properties, are not affected by stopping your server.
|
1095
|
+
# Stopping the server will not reduce or impact your file transfer
|
1096
|
+
# protocol endpoint billing.
|
989
1097
|
#
|
990
1098
|
# The state of `STOPPING` indicates that the server is in an
|
991
1099
|
# intermediate state, either not fully able to respond, or not fully
|
@@ -994,8 +1102,8 @@ module Aws::Transfer
|
|
994
1102
|
# No response is returned from this call.
|
995
1103
|
#
|
996
1104
|
# @option params [required, String] :server_id
|
997
|
-
# A system-assigned unique identifier for
|
998
|
-
# stopped.
|
1105
|
+
# A system-assigned unique identifier for a file transfer
|
1106
|
+
# protocol-enabled server that you stopped.
|
999
1107
|
#
|
1000
1108
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1001
1109
|
#
|
@@ -1052,19 +1160,34 @@ module Aws::Transfer
|
|
1052
1160
|
req.send_request(options)
|
1053
1161
|
end
|
1054
1162
|
|
1055
|
-
# If the `IdentityProviderType` of
|
1056
|
-
# whether your API Gateway is set up
|
1057
|
-
# that you call this operation to test
|
1058
|
-
# soon as you create your server. By doing
|
1059
|
-
# issues with the API Gateway integration to
|
1060
|
-
# successfully use the service.
|
1163
|
+
# If the `IdentityProviderType` of a file transfer protocol-enabled
|
1164
|
+
# server is `API_Gateway`, tests whether your API Gateway is set up
|
1165
|
+
# successfully. We highly recommend that you call this operation to test
|
1166
|
+
# your authentication method as soon as you create your server. By doing
|
1167
|
+
# so, you can troubleshoot issues with the API Gateway integration to
|
1168
|
+
# ensure that your users can successfully use the service.
|
1061
1169
|
#
|
1062
1170
|
# @option params [required, String] :server_id
|
1063
|
-
# A system-assigned identifier for a specific
|
1064
|
-
#
|
1171
|
+
# A system-assigned identifier for a specific file transfer
|
1172
|
+
# protocol-enabled server. That server's user authentication method is
|
1173
|
+
# tested with a user name and password.
|
1174
|
+
#
|
1175
|
+
# @option params [String] :server_protocol
|
1176
|
+
# The type of file transfer protocol to be tested.
|
1177
|
+
#
|
1178
|
+
# The available protocols are:
|
1179
|
+
#
|
1180
|
+
# * Secure Shell (SSH) File Transfer Protocol (SFTP)
|
1181
|
+
#
|
1182
|
+
# * File Transfer Protocol Secure (FTPS)
|
1183
|
+
#
|
1184
|
+
# * File Transfer Protocol (FTP)
|
1185
|
+
#
|
1186
|
+
# @option params [String] :source_ip
|
1187
|
+
# The source IP address of the user account to be tested.
|
1065
1188
|
#
|
1066
1189
|
# @option params [required, String] :user_name
|
1067
|
-
#
|
1190
|
+
# The name of the user account to be tested.
|
1068
1191
|
#
|
1069
1192
|
# @option params [String] :user_password
|
1070
1193
|
# The password of the user account to be tested.
|
@@ -1080,6 +1203,8 @@ module Aws::Transfer
|
|
1080
1203
|
#
|
1081
1204
|
# resp = client.test_identity_provider({
|
1082
1205
|
# server_id: "ServerId", # required
|
1206
|
+
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1207
|
+
# source_ip: "SourceIp",
|
1083
1208
|
# user_name: "UserName", # required
|
1084
1209
|
# user_password: "UserPassword",
|
1085
1210
|
# })
|
@@ -1107,9 +1232,9 @@ module Aws::Transfer
|
|
1107
1232
|
# No response is returned from this call.
|
1108
1233
|
#
|
1109
1234
|
# @option params [required, String] :arn
|
1110
|
-
#
|
1111
|
-
#
|
1112
|
-
#
|
1235
|
+
# The value of the resource that will have the tag removed. An Amazon
|
1236
|
+
# Resource Name (ARN) is an identifier for a specific AWS resource, such
|
1237
|
+
# as a server, user, or role.
|
1113
1238
|
#
|
1114
1239
|
# @option params [required, Array<String>] :tag_keys
|
1115
1240
|
# TagKeys are key-value pairs assigned to ARNs that can be used to group
|
@@ -1134,48 +1259,130 @@ module Aws::Transfer
|
|
1134
1259
|
req.send_request(options)
|
1135
1260
|
end
|
1136
1261
|
|
1137
|
-
# Updates the
|
1262
|
+
# Updates the file transfer protocol-enabled server's properties after
|
1263
|
+
# that server has been created.
|
1264
|
+
#
|
1265
|
+
# The `UpdateServer` call returns the `ServerId` of the server you
|
1266
|
+
# updated.
|
1267
|
+
#
|
1268
|
+
# @option params [String] :certificate
|
1269
|
+
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
1270
|
+
# certificate. Required when `Protocols` is set to `FTPS`.
|
1271
|
+
#
|
1272
|
+
# To request a new public certificate, see [Request a public
|
1273
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
1274
|
+
#
|
1275
|
+
# To import an existing certificate into ACM, see [Importing
|
1276
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
1277
|
+
# Guide</i>.
|
1278
|
+
#
|
1279
|
+
# To request a private certificate to use FTPS through private IP
|
1280
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
1281
|
+
# Certificate Manager User Guide</i>.
|
1282
|
+
#
|
1283
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
1284
|
+
# are supported:
|
1285
|
+
#
|
1286
|
+
# * 2048-bit RSA (RSA\_2048)
|
1138
1287
|
#
|
1139
|
-
#
|
1140
|
-
#
|
1288
|
+
# * 4096-bit RSA (RSA\_4096)
|
1289
|
+
#
|
1290
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
1291
|
+
#
|
1292
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
1293
|
+
#
|
1294
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
1295
|
+
#
|
1296
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
1297
|
+
# with FQDN or IP address specified and information about the issuer.
|
1298
|
+
#
|
1299
|
+
# </note>
|
1300
|
+
#
|
1301
|
+
#
|
1302
|
+
#
|
1303
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
1304
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1305
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1141
1306
|
#
|
1142
1307
|
# @option params [Types::EndpointDetails] :endpoint_details
|
1143
1308
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
1144
|
-
# for your
|
1145
|
-
# your
|
1146
|
-
# incoming internet traffic, you will need to associate
|
1147
|
-
# Elastic IP addresses with your server's endpoint.
|
1309
|
+
# for your file transfer protocol-enabled server. With a VPC endpoint,
|
1310
|
+
# you can restrict access to your server to resources only within your
|
1311
|
+
# VPC. To control incoming internet traffic, you will need to associate
|
1312
|
+
# one or more Elastic IP addresses with your server's endpoint.
|
1148
1313
|
#
|
1149
1314
|
# @option params [String] :endpoint_type
|
1150
|
-
# The type of endpoint that you want your
|
1151
|
-
# can choose to connect to the public internet
|
1152
|
-
#
|
1153
|
-
#
|
1315
|
+
# The type of endpoint that you want your file transfer protocol-enabled
|
1316
|
+
# server to connect to. You can choose to connect to the public internet
|
1317
|
+
# or a VPC endpoint. With a VPC endpoint, you can restrict access to
|
1318
|
+
# your server and resources only within your VPC.
|
1319
|
+
#
|
1320
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
1321
|
+
# endpoint type, you have the option to directly associate up to three
|
1322
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
1323
|
+
# and use VPC security groups to restrict traffic by the client's
|
1324
|
+
# public IP address. This is not possible with `EndpointType` set to
|
1325
|
+
# `VPC_ENDPOINT`.
|
1326
|
+
#
|
1327
|
+
# </note>
|
1154
1328
|
#
|
1155
1329
|
# @option params [String] :host_key
|
1156
|
-
# The RSA private key as generated by `ssh-keygen -N "" -f
|
1330
|
+
# The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
|
1157
1331
|
# my-new-server-key`.
|
1158
1332
|
#
|
1159
1333
|
# If you aren't planning to migrate existing users from an existing
|
1160
|
-
#
|
1161
|
-
# Accidentally changing a server's host key can be
|
1334
|
+
# file transfer protocol-enabled server to a new server, don't update
|
1335
|
+
# the host key. Accidentally changing a server's host key can be
|
1336
|
+
# disruptive.
|
1337
|
+
#
|
1338
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
1339
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
1340
|
+
#
|
1341
|
+
#
|
1162
1342
|
#
|
1163
|
-
#
|
1164
|
-
# "https://docs.aws.amazon.com/transfer/latest/userguide/configuring-servers.html#change-host-key"
|
1165
|
-
# in the *AWS SFTP User Guide.*
|
1343
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
1166
1344
|
#
|
1167
1345
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
1168
|
-
#
|
1169
|
-
#
|
1346
|
+
# An array containing all of the information required to call a
|
1347
|
+
# customer's authentication API method.
|
1170
1348
|
#
|
1171
1349
|
# @option params [String] :logging_role
|
1172
|
-
#
|
1173
|
-
#
|
1174
|
-
#
|
1350
|
+
# Changes the AWS Identity and Access Management (IAM) role that allows
|
1351
|
+
# Amazon S3 events to be logged in Amazon CloudWatch, turning logging on
|
1352
|
+
# or off.
|
1353
|
+
#
|
1354
|
+
# @option params [Array<String>] :protocols
|
1355
|
+
# Specifies the file transfer protocol or protocols over which your file
|
1356
|
+
# transfer protocol client can connect to your server's endpoint. The
|
1357
|
+
# available protocols are:
|
1358
|
+
#
|
1359
|
+
# * Secure Shell (SSH) File Transfer Protocol (SFTP): File transfer over
|
1360
|
+
# SSH
|
1361
|
+
#
|
1362
|
+
# * File Transfer Protocol Secure (FTPS): File transfer with TLS
|
1363
|
+
# encryption
|
1364
|
+
#
|
1365
|
+
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
1366
|
+
#
|
1367
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
1368
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
1369
|
+
# when clients connect to it over FTPS.
|
1370
|
+
#
|
1371
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
1372
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
1373
|
+
#
|
1374
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
1375
|
+
# associated.
|
1376
|
+
#
|
1377
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
1378
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
1379
|
+
# `SERVICE_MANAGED`.
|
1380
|
+
#
|
1381
|
+
# </note>
|
1175
1382
|
#
|
1176
1383
|
# @option params [required, String] :server_id
|
1177
|
-
# A system-assigned unique identifier for
|
1178
|
-
# the user account is assigned to.
|
1384
|
+
# A system-assigned unique identifier for a file transfer
|
1385
|
+
# protocol-enabled server instance that the user account is assigned to.
|
1179
1386
|
#
|
1180
1387
|
# @return [Types::UpdateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1181
1388
|
#
|
@@ -1184,6 +1391,7 @@ module Aws::Transfer
|
|
1184
1391
|
# @example Request syntax with placeholder values
|
1185
1392
|
#
|
1186
1393
|
# resp = client.update_server({
|
1394
|
+
# certificate: "Certificate",
|
1187
1395
|
# endpoint_details: {
|
1188
1396
|
# address_allocation_ids: ["AddressAllocationId"],
|
1189
1397
|
# subnet_ids: ["SubnetId"],
|
@@ -1197,6 +1405,7 @@ module Aws::Transfer
|
|
1197
1405
|
# invocation_role: "Role",
|
1198
1406
|
# },
|
1199
1407
|
# logging_role: "NullableRole",
|
1408
|
+
# protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
|
1200
1409
|
# server_id: "ServerId", # required
|
1201
1410
|
# })
|
1202
1411
|
#
|
@@ -1221,90 +1430,95 @@ module Aws::Transfer
|
|
1221
1430
|
# user.
|
1222
1431
|
#
|
1223
1432
|
# @option params [String] :home_directory
|
1224
|
-
#
|
1225
|
-
#
|
1433
|
+
# Specifies the landing directory (folder) for a user when they log in
|
1434
|
+
# to the file transfer protocol-enabled server using their file transfer
|
1435
|
+
# protocol client.
|
1226
1436
|
#
|
1227
|
-
# An example is
|
1437
|
+
# An example is `your-Amazon-S3-bucket-name>/home/username`.
|
1228
1438
|
#
|
1229
1439
|
# @option params [String] :home_directory_type
|
1230
1440
|
# The type of landing directory (folder) you want your users' home
|
1231
|
-
# directory to be when they log into the
|
1232
|
-
# `PATH`, the user will see the absolute Amazon
|
1233
|
-
#
|
1234
|
-
#
|
1235
|
-
#
|
1441
|
+
# directory to be when they log into the file transfer protocol-enabled
|
1442
|
+
# server. If you set it to `PATH`, the user will see the absolute Amazon
|
1443
|
+
# S3 bucket paths as is in their file transfer protocol clients. If you
|
1444
|
+
# set it `LOGICAL`, you will need to provide mappings in the
|
1445
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 paths
|
1446
|
+
# visible to your users.
|
1236
1447
|
#
|
1237
1448
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
1238
|
-
# Logical directory mappings that specify what S3 paths and keys
|
1239
|
-
# be visible to your user and how you want to make them visible.
|
1240
|
-
# will need to specify the "`Entry`" and "`Target`" pair, where
|
1449
|
+
# Logical directory mappings that specify what Amazon S3 paths and keys
|
1450
|
+
# should be visible to your user and how you want to make them visible.
|
1451
|
+
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
1241
1452
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
1242
|
-
# S3 path. If you only specify a target, it will be displayed as
|
1243
|
-
# will need to also make sure that your
|
1244
|
-
# paths in `Target`. The following is an example.
|
1453
|
+
# Amazon S3 path. If you only specify a target, it will be displayed as
|
1454
|
+
# is. You will need to also make sure that your IAM role provides access
|
1455
|
+
# to paths in `Target`. The following is an example.
|
1245
1456
|
#
|
1246
1457
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
1247
1458
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
1248
1459
|
# ]'`
|
1249
1460
|
#
|
1250
|
-
# In most cases, you can use this value instead of the scope
|
1461
|
+
# In most cases, you can use this value instead of the scope-down policy
|
1251
1462
|
# to lock your user down to the designated home directory ("chroot").
|
1252
1463
|
# To do this, you can set `Entry` to '/' and set `Target` to the
|
1253
1464
|
# HomeDirectory parameter value.
|
1254
1465
|
#
|
1255
|
-
# <note markdown="1"> If the target of a logical directory entry does not exist in
|
1256
|
-
# entry will be ignored. As a workaround, you can use the
|
1257
|
-
# create 0 byte objects as place holders for your directory.
|
1258
|
-
# the CLI, use the s3api call instead of s3 so you can use
|
1259
|
-
# put-object operation. For example, you use the following: `aws
|
1260
|
-
# put-object --bucket bucketname --key path/to/folder/`. Make sure
|
1261
|
-
# the end of the key name ends in a / for it to be considered a
|
1466
|
+
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
|
1467
|
+
# S3, the entry will be ignored. As a workaround, you can use the Amazon
|
1468
|
+
# S3 api to create 0 byte objects as place holders for your directory.
|
1469
|
+
# If using the CLI, use the `s3api` call instead of `s3` so you can use
|
1470
|
+
# the put-object operation. For example, you use the following: `aws
|
1471
|
+
# s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
|
1472
|
+
# that the end of the key name ends in a / for it to be considered a
|
1473
|
+
# folder.
|
1262
1474
|
#
|
1263
1475
|
# </note>
|
1264
1476
|
#
|
1265
1477
|
# @option params [String] :policy
|
1266
1478
|
# Allows you to supply a scope-down policy for your user so you can use
|
1267
|
-
# the same
|
1268
|
-
#
|
1269
|
-
#
|
1270
|
-
# `$\{Transfer:
|
1271
|
-
# `$\{Transfer:HomeBucket\}`.
|
1479
|
+
# the same IAM role across multiple users. The policy scopes down user
|
1480
|
+
# access to portions of your Amazon S3 bucket. Variables you can use
|
1481
|
+
# inside this policy include `$\{Transfer:UserName\}`,
|
1482
|
+
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
1272
1483
|
#
|
1273
|
-
# <note markdown="1"> For scope-down policies, AWS Transfer
|
1484
|
+
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
1274
1485
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
1275
1486
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
1276
1487
|
# argument.
|
1277
1488
|
#
|
1278
|
-
# For an example of a scope-down policy, see
|
1279
|
-
#
|
1280
|
-
# a Scope-Down Policy.
|
1489
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
1490
|
+
# policy][1].
|
1281
1491
|
#
|
1282
|
-
# For more information, see
|
1283
|
-
#
|
1284
|
-
# in the *AWS Security Token Service API Reference*.
|
1492
|
+
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
1493
|
+
# Service API Reference*.
|
1285
1494
|
#
|
1286
1495
|
# </note>
|
1287
1496
|
#
|
1497
|
+
#
|
1498
|
+
#
|
1499
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
|
1500
|
+
# [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
|
1501
|
+
#
|
1288
1502
|
# @option params [String] :role
|
1289
|
-
# The IAM role that controls your
|
1503
|
+
# The IAM role that controls your users' access to your Amazon S3
|
1290
1504
|
# bucket. The policies attached to this role will determine the level of
|
1291
1505
|
# access you want to provide your users when transferring files into and
|
1292
1506
|
# out of your Amazon S3 bucket or buckets. The IAM role should also
|
1293
|
-
# contain a trust relationship that allows the
|
1294
|
-
#
|
1295
|
-
#
|
1507
|
+
# contain a trust relationship that allows the file transfer
|
1508
|
+
# protocol-enabled server to access your resources when servicing your
|
1509
|
+
# users' transfer requests.
|
1296
1510
|
#
|
1297
1511
|
# @option params [required, String] :server_id
|
1298
|
-
# A system-assigned unique identifier for
|
1299
|
-
# the user account is assigned to.
|
1512
|
+
# A system-assigned unique identifier for a file transfer
|
1513
|
+
# protocol-enabled server instance that the user account is assigned to.
|
1300
1514
|
#
|
1301
1515
|
# @option params [required, String] :user_name
|
1302
|
-
# A unique string that identifies a user and is associated with a
|
1303
|
-
# as specified by the `ServerId`. This
|
1304
|
-
# by your user when they log in to your
|
1305
|
-
# minimum of 3 and a maximum of 32
|
1306
|
-
# valid characters: a-z, A-Z, 0-9,
|
1307
|
-
# can't start with a hyphen.
|
1516
|
+
# A unique string that identifies a user and is associated with a file
|
1517
|
+
# transfer protocol-enabled server as specified by the `ServerId`. This
|
1518
|
+
# is the string that will be used by your user when they log in to your
|
1519
|
+
# server. This user name is a minimum of 3 and a maximum of 32
|
1520
|
+
# characters long. The following are valid characters: a-z, A-Z, 0-9,
|
1521
|
+
# underscore, and hyphen. The user name can't start with a hyphen.
|
1308
1522
|
#
|
1309
1523
|
# @return [Types::UpdateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1310
1524
|
#
|
@@ -1355,7 +1569,7 @@ module Aws::Transfer
|
|
1355
1569
|
params: params,
|
1356
1570
|
config: config)
|
1357
1571
|
context[:gem_name] = 'aws-sdk-transfer'
|
1358
|
-
context[:gem_version] = '1.
|
1572
|
+
context[:gem_version] = '1.22.1'
|
1359
1573
|
Seahorse::Client::Request.new(handlers, context)
|
1360
1574
|
end
|
1361
1575
|
|