aws-sdk-transfer 1.18.0 → 1.23.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-transfer.rb +3 -1
- data/lib/aws-sdk-transfer/client.rb +169 -42
- data/lib/aws-sdk-transfer/client_api.rb +5 -1
- data/lib/aws-sdk-transfer/errors.rb +2 -0
- data/lib/aws-sdk-transfer/resource.rb +2 -0
- data/lib/aws-sdk-transfer/types.rb +320 -123
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1501e1563bf7f9af211fa870cd288173b03ea5fb6a76ff76d91b75fc0edbad09
|
4
|
+
data.tar.gz: aedfc9f789f4ce46dfde7f0c107aba5720ae654d9d248fcd8cfa46ff2ee7c0dc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8eec295cbaaca3cfb99daff5a8c36de76127f32e4f0af4bf6b039c28fd222986704f575d1b10b1064d29d4fadbc75fa27bb386fb11500730431e4282d3d2f6d6
|
7
|
+
data.tar.gz: f9790503c56f0d7cd4f9231baffb09fc35428ff6460f3e3b6d786c10518726fe2a9146eb0048484e179ca820efa1170707cdfb2045a0956b29cae7536511530b
|
data/lib/aws-sdk-transfer.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -45,6 +47,6 @@ require_relative 'aws-sdk-transfer/customizations'
|
|
45
47
|
# @service
|
46
48
|
module Aws::Transfer
|
47
49
|
|
48
|
-
GEM_VERSION = '1.
|
50
|
+
GEM_VERSION = '1.23.0'
|
49
51
|
|
50
52
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -24,6 +26,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
24
26
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
25
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
26
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
27
30
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
28
31
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
29
32
|
|
@@ -69,6 +72,7 @@ module Aws::Transfer
|
|
69
72
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
70
73
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
71
74
|
add_plugin(Aws::Plugins::TransferEncoding)
|
75
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
72
76
|
add_plugin(Aws::Plugins::SignatureV4)
|
73
77
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
74
78
|
|
@@ -105,7 +109,7 @@ module Aws::Transfer
|
|
105
109
|
# @option options [required, String] :region
|
106
110
|
# The AWS region to connect to. The configured `:region` is
|
107
111
|
# used to determine the service `:endpoint`. When not passed,
|
108
|
-
# a default `:region` is
|
112
|
+
# a default `:region` is searched for in the following locations:
|
109
113
|
#
|
110
114
|
# * `Aws.config[:region]`
|
111
115
|
# * `ENV['AWS_REGION']`
|
@@ -161,7 +165,7 @@ module Aws::Transfer
|
|
161
165
|
# @option options [String] :endpoint
|
162
166
|
# The client endpoint is normally constructed from the `:region`
|
163
167
|
# option. You should only configure an `:endpoint` when connecting
|
164
|
-
# to test endpoints. This should be
|
168
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
165
169
|
#
|
166
170
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
167
171
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,7 +180,7 @@ module Aws::Transfer
|
|
176
180
|
# requests fetching endpoints information. Defaults to 60 sec.
|
177
181
|
#
|
178
182
|
# @option options [Boolean] :endpoint_discovery (false)
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
183
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
180
184
|
#
|
181
185
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
182
186
|
# The log formatter.
|
@@ -328,6 +332,41 @@ module Aws::Transfer
|
|
328
332
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
329
333
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
330
334
|
#
|
335
|
+
# To request a new public certificate, see [Request a public
|
336
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
337
|
+
#
|
338
|
+
# To import an existing certificate into ACM, see [Importing
|
339
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
340
|
+
# Guide</i>.
|
341
|
+
#
|
342
|
+
# To request a private certificate to use FTPS through private IP
|
343
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
344
|
+
# Certificate Manager User Guide</i>.
|
345
|
+
#
|
346
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
347
|
+
# are supported:
|
348
|
+
#
|
349
|
+
# * 2048-bit RSA (RSA\_2048)
|
350
|
+
#
|
351
|
+
# * 4096-bit RSA (RSA\_4096)
|
352
|
+
#
|
353
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
354
|
+
#
|
355
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
356
|
+
#
|
357
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
358
|
+
#
|
359
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
360
|
+
# with FQDN or IP address specified and information about the issuer.
|
361
|
+
#
|
362
|
+
# </note>
|
363
|
+
#
|
364
|
+
#
|
365
|
+
#
|
366
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
367
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
368
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
369
|
+
#
|
331
370
|
# @option params [Types::EndpointDetails] :endpoint_details
|
332
371
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
333
372
|
# for your file transfer protocol-enabled server. When you host your
|
@@ -339,24 +378,32 @@ module Aws::Transfer
|
|
339
378
|
# @option params [String] :endpoint_type
|
340
379
|
# The type of VPC endpoint that you want your file transfer
|
341
380
|
# protocol-enabled server to connect to. You can choose to connect to
|
342
|
-
# the public internet or a
|
343
|
-
#
|
344
|
-
#
|
381
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
382
|
+
# restrict access to your server and resources only within your VPC.
|
383
|
+
#
|
384
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
385
|
+
# endpoint type, you have the option to directly associate up to three
|
386
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
387
|
+
# and use VPC security groups to restrict traffic by the client's
|
388
|
+
# public IP address. This is not possible with `EndpointType` set to
|
389
|
+
# `VPC_ENDPOINT`.
|
390
|
+
#
|
391
|
+
# </note>
|
345
392
|
#
|
346
393
|
# @option params [String] :host_key
|
347
|
-
# The RSA private key as generated by the `ssh-keygen -N "" -f
|
394
|
+
# The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
|
348
395
|
# my-new-server-key` command.
|
349
396
|
#
|
350
397
|
# If you aren't planning to migrate existing users from an existing
|
351
398
|
# SFTP-enabled server to a new server, don't update the host key.
|
352
399
|
# Accidentally changing a server's host key can be disruptive.
|
353
400
|
#
|
354
|
-
# For more information, see [
|
355
|
-
#
|
401
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
402
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
356
403
|
#
|
357
404
|
#
|
358
405
|
#
|
359
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
406
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
360
407
|
#
|
361
408
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
362
409
|
# Required when `IdentityProviderType` is set to `API_GATEWAY`. Accepts
|
@@ -382,13 +429,29 @@ module Aws::Transfer
|
|
382
429
|
# transfer protocol client can connect to your server's endpoint. The
|
383
430
|
# available protocols are:
|
384
431
|
#
|
385
|
-
# * Secure Shell (SSH) File Transfer Protocol
|
386
|
-
# SSH
|
432
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
433
|
+
# over SSH
|
387
434
|
#
|
388
|
-
# * File Transfer Protocol Secure
|
435
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
389
436
|
# encryption
|
390
437
|
#
|
391
|
-
# * File Transfer Protocol
|
438
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
439
|
+
#
|
440
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
441
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
442
|
+
# when clients connect to it over FTPS.
|
443
|
+
#
|
444
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
445
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
446
|
+
#
|
447
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
448
|
+
# associated.
|
449
|
+
#
|
450
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
451
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
452
|
+
# `SERVICE_MANAGED`.
|
453
|
+
#
|
454
|
+
# </note>
|
392
455
|
#
|
393
456
|
# @option params [Array<Types::Tag>] :tags
|
394
457
|
# Key-value pairs that can be used to group and search for file transfer
|
@@ -451,7 +514,8 @@ module Aws::Transfer
|
|
451
514
|
# The landing directory (folder) for a user when they log in to the file
|
452
515
|
# transfer protocol-enabled server using the client.
|
453
516
|
#
|
454
|
-
# An example is
|
517
|
+
# An example is <i>
|
518
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
455
519
|
#
|
456
520
|
# @option params [String] :home_directory_type
|
457
521
|
# The type of landing directory (folder) you want your users' home
|
@@ -468,8 +532,8 @@ module Aws::Transfer
|
|
468
532
|
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
469
533
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
470
534
|
# Amazon S3 path. If you only specify a target, it will be displayed as
|
471
|
-
# is. You will need to also make sure that your
|
472
|
-
#
|
535
|
+
# is. You will need to also make sure that your IAM role provides access
|
536
|
+
# to paths in `Target`. The following is an example.
|
473
537
|
#
|
474
538
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
475
539
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
@@ -503,8 +567,8 @@ module Aws::Transfer
|
|
503
567
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
504
568
|
# argument.
|
505
569
|
#
|
506
|
-
# For an example of a scope-down policy, see [Creating a
|
507
|
-
#
|
570
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
571
|
+
# policy][1].
|
508
572
|
#
|
509
573
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
510
574
|
# Service API Reference*.
|
@@ -1110,12 +1174,6 @@ module Aws::Transfer
|
|
1110
1174
|
# protocol-enabled server. That server's user authentication method is
|
1111
1175
|
# tested with a user name and password.
|
1112
1176
|
#
|
1113
|
-
# @option params [required, String] :user_name
|
1114
|
-
# The name of the user account to be tested.
|
1115
|
-
#
|
1116
|
-
# @option params [String] :user_password
|
1117
|
-
# The password of the user account to be tested.
|
1118
|
-
#
|
1119
1177
|
# @option params [String] :server_protocol
|
1120
1178
|
# The type of file transfer protocol to be tested.
|
1121
1179
|
#
|
@@ -1127,6 +1185,15 @@ module Aws::Transfer
|
|
1127
1185
|
#
|
1128
1186
|
# * File Transfer Protocol (FTP)
|
1129
1187
|
#
|
1188
|
+
# @option params [String] :source_ip
|
1189
|
+
# The source IP address of the user account to be tested.
|
1190
|
+
#
|
1191
|
+
# @option params [required, String] :user_name
|
1192
|
+
# The name of the user account to be tested.
|
1193
|
+
#
|
1194
|
+
# @option params [String] :user_password
|
1195
|
+
# The password of the user account to be tested.
|
1196
|
+
#
|
1130
1197
|
# @return [Types::TestIdentityProviderResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1131
1198
|
#
|
1132
1199
|
# * {Types::TestIdentityProviderResponse#response #response} => String
|
@@ -1138,9 +1205,10 @@ module Aws::Transfer
|
|
1138
1205
|
#
|
1139
1206
|
# resp = client.test_identity_provider({
|
1140
1207
|
# server_id: "ServerId", # required
|
1208
|
+
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1209
|
+
# source_ip: "SourceIp",
|
1141
1210
|
# user_name: "UserName", # required
|
1142
1211
|
# user_password: "UserPassword",
|
1143
|
-
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1144
1212
|
# })
|
1145
1213
|
#
|
1146
1214
|
# @example Response structure
|
@@ -1203,6 +1271,41 @@ module Aws::Transfer
|
|
1203
1271
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
1204
1272
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
1205
1273
|
#
|
1274
|
+
# To request a new public certificate, see [Request a public
|
1275
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
1276
|
+
#
|
1277
|
+
# To import an existing certificate into ACM, see [Importing
|
1278
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
1279
|
+
# Guide</i>.
|
1280
|
+
#
|
1281
|
+
# To request a private certificate to use FTPS through private IP
|
1282
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
1283
|
+
# Certificate Manager User Guide</i>.
|
1284
|
+
#
|
1285
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
1286
|
+
# are supported:
|
1287
|
+
#
|
1288
|
+
# * 2048-bit RSA (RSA\_2048)
|
1289
|
+
#
|
1290
|
+
# * 4096-bit RSA (RSA\_4096)
|
1291
|
+
#
|
1292
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
1293
|
+
#
|
1294
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
1295
|
+
#
|
1296
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
1297
|
+
#
|
1298
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
1299
|
+
# with FQDN or IP address specified and information about the issuer.
|
1300
|
+
#
|
1301
|
+
# </note>
|
1302
|
+
#
|
1303
|
+
#
|
1304
|
+
#
|
1305
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
1306
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1307
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1308
|
+
#
|
1206
1309
|
# @option params [Types::EndpointDetails] :endpoint_details
|
1207
1310
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
1208
1311
|
# for your file transfer protocol-enabled server. With a VPC endpoint,
|
@@ -1213,11 +1316,20 @@ module Aws::Transfer
|
|
1213
1316
|
# @option params [String] :endpoint_type
|
1214
1317
|
# The type of endpoint that you want your file transfer protocol-enabled
|
1215
1318
|
# server to connect to. You can choose to connect to the public internet
|
1216
|
-
# or a VPC endpoint. With a VPC endpoint,
|
1217
|
-
#
|
1319
|
+
# or a VPC endpoint. With a VPC endpoint, you can restrict access to
|
1320
|
+
# your server and resources only within your VPC.
|
1321
|
+
#
|
1322
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
1323
|
+
# endpoint type, you have the option to directly associate up to three
|
1324
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
1325
|
+
# and use VPC security groups to restrict traffic by the client's
|
1326
|
+
# public IP address. This is not possible with `EndpointType` set to
|
1327
|
+
# `VPC_ENDPOINT`.
|
1328
|
+
#
|
1329
|
+
# </note>
|
1218
1330
|
#
|
1219
1331
|
# @option params [String] :host_key
|
1220
|
-
# The RSA private key as generated by `ssh-keygen -N "" -f
|
1332
|
+
# The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
|
1221
1333
|
# my-new-server-key`.
|
1222
1334
|
#
|
1223
1335
|
# If you aren't planning to migrate existing users from an existing
|
@@ -1225,12 +1337,12 @@ module Aws::Transfer
|
|
1225
1337
|
# the host key. Accidentally changing a server's host key can be
|
1226
1338
|
# disruptive.
|
1227
1339
|
#
|
1228
|
-
# For more information, see [
|
1229
|
-
#
|
1340
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
1341
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
1230
1342
|
#
|
1231
1343
|
#
|
1232
1344
|
#
|
1233
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
1345
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
1234
1346
|
#
|
1235
1347
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
1236
1348
|
# An array containing all of the information required to call a
|
@@ -1254,6 +1366,22 @@ module Aws::Transfer
|
|
1254
1366
|
#
|
1255
1367
|
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
1256
1368
|
#
|
1369
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
1370
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
1371
|
+
# when clients connect to it over FTPS.
|
1372
|
+
#
|
1373
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
1374
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
1375
|
+
#
|
1376
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
1377
|
+
# associated.
|
1378
|
+
#
|
1379
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
1380
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
1381
|
+
# `SERVICE_MANAGED`.
|
1382
|
+
#
|
1383
|
+
# </note>
|
1384
|
+
#
|
1257
1385
|
# @option params [required, String] :server_id
|
1258
1386
|
# A system-assigned unique identifier for a file transfer
|
1259
1387
|
# protocol-enabled server instance that the user account is assigned to.
|
@@ -1325,8 +1453,8 @@ module Aws::Transfer
|
|
1325
1453
|
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
1326
1454
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
1327
1455
|
# Amazon S3 path. If you only specify a target, it will be displayed as
|
1328
|
-
# is. You will need to also make sure that your
|
1329
|
-
#
|
1456
|
+
# is. You will need to also make sure that your IAM role provides access
|
1457
|
+
# to paths in `Target`. The following is an example.
|
1330
1458
|
#
|
1331
1459
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
1332
1460
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
@@ -1350,19 +1478,18 @@ module Aws::Transfer
|
|
1350
1478
|
#
|
1351
1479
|
# @option params [String] :policy
|
1352
1480
|
# Allows you to supply a scope-down policy for your user so you can use
|
1353
|
-
# the same
|
1354
|
-
#
|
1355
|
-
#
|
1356
|
-
# `$\{Transfer:
|
1357
|
-
# `$\{Transfer:HomeBucket\}`.
|
1481
|
+
# the same IAM role across multiple users. The policy scopes down user
|
1482
|
+
# access to portions of your Amazon S3 bucket. Variables you can use
|
1483
|
+
# inside this policy include `$\{Transfer:UserName\}`,
|
1484
|
+
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
1358
1485
|
#
|
1359
1486
|
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
1360
1487
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
1361
1488
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
1362
1489
|
# argument.
|
1363
1490
|
#
|
1364
|
-
# For an example of a scope-down policy, see [Creating a
|
1365
|
-
#
|
1491
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
1492
|
+
# policy][1].
|
1366
1493
|
#
|
1367
1494
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
1368
1495
|
# Service API Reference*.
|
@@ -1444,7 +1571,7 @@ module Aws::Transfer
|
|
1444
1571
|
params: params,
|
1445
1572
|
config: config)
|
1446
1573
|
context[:gem_name] = 'aws-sdk-transfer'
|
1447
|
-
context[:gem_version] = '1.
|
1574
|
+
context[:gem_version] = '1.23.0'
|
1448
1575
|
Seahorse::Client::Request.new(handlers, context)
|
1449
1576
|
end
|
1450
1577
|
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -75,6 +77,7 @@ module Aws::Transfer
|
|
75
77
|
ServerId = Shapes::StringShape.new(name: 'ServerId')
|
76
78
|
ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
|
77
79
|
ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
|
80
|
+
SourceIp = Shapes::StringShape.new(name: 'SourceIp')
|
78
81
|
SshPublicKey = Shapes::StructureShape.new(name: 'SshPublicKey')
|
79
82
|
SshPublicKeyBody = Shapes::StringShape.new(name: 'SshPublicKeyBody')
|
80
83
|
SshPublicKeyCount = Shapes::IntegerShape.new(name: 'SshPublicKeyCount')
|
@@ -323,9 +326,10 @@ module Aws::Transfer
|
|
323
326
|
Tags.member = Shapes::ShapeRef.new(shape: Tag)
|
324
327
|
|
325
328
|
TestIdentityProviderRequest.add_member(:server_id, Shapes::ShapeRef.new(shape: ServerId, required: true, location_name: "ServerId"))
|
329
|
+
TestIdentityProviderRequest.add_member(:server_protocol, Shapes::ShapeRef.new(shape: Protocol, location_name: "ServerProtocol"))
|
330
|
+
TestIdentityProviderRequest.add_member(:source_ip, Shapes::ShapeRef.new(shape: SourceIp, location_name: "SourceIp"))
|
326
331
|
TestIdentityProviderRequest.add_member(:user_name, Shapes::ShapeRef.new(shape: UserName, required: true, location_name: "UserName"))
|
327
332
|
TestIdentityProviderRequest.add_member(:user_password, Shapes::ShapeRef.new(shape: UserPassword, location_name: "UserPassword"))
|
328
|
-
TestIdentityProviderRequest.add_member(:server_protocol, Shapes::ShapeRef.new(shape: Protocol, location_name: "ServerProtocol"))
|
329
333
|
TestIdentityProviderRequest.struct_class = Types::TestIdentityProviderRequest
|
330
334
|
|
331
335
|
TestIdentityProviderResponse.add_member(:response, Shapes::ShapeRef.new(shape: Response, location_name: "Response"))
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -17,6 +19,7 @@ module Aws::Transfer
|
|
17
19
|
#
|
18
20
|
class AccessDeniedException < Struct.new(
|
19
21
|
:message)
|
22
|
+
SENSITIVE = []
|
20
23
|
include Aws::Structure
|
21
24
|
end
|
22
25
|
|
@@ -31,6 +34,7 @@ module Aws::Transfer
|
|
31
34
|
#
|
32
35
|
class ConflictException < Struct.new(
|
33
36
|
:message)
|
37
|
+
SENSITIVE = []
|
34
38
|
include Aws::Structure
|
35
39
|
end
|
36
40
|
|
@@ -65,6 +69,41 @@ module Aws::Transfer
|
|
65
69
|
# @!attribute [rw] certificate
|
66
70
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
67
71
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
72
|
+
#
|
73
|
+
# To request a new public certificate, see [Request a public
|
74
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
75
|
+
#
|
76
|
+
# To import an existing certificate into ACM, see [Importing
|
77
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
78
|
+
# Guide</i>.
|
79
|
+
#
|
80
|
+
# To request a private certificate to use FTPS through private IP
|
81
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
82
|
+
# Certificate Manager User Guide</i>.
|
83
|
+
#
|
84
|
+
# Certificates with the following cryptographic algorithms and key
|
85
|
+
# sizes are supported:
|
86
|
+
#
|
87
|
+
# * 2048-bit RSA (RSA\_2048)
|
88
|
+
#
|
89
|
+
# * 4096-bit RSA (RSA\_4096)
|
90
|
+
#
|
91
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
92
|
+
#
|
93
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
94
|
+
#
|
95
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
96
|
+
#
|
97
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
98
|
+
# with FQDN or IP address specified and information about the issuer.
|
99
|
+
#
|
100
|
+
# </note>
|
101
|
+
#
|
102
|
+
#
|
103
|
+
#
|
104
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
105
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
106
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
68
107
|
# @return [String]
|
69
108
|
#
|
70
109
|
# @!attribute [rw] endpoint_details
|
@@ -79,25 +118,33 @@ module Aws::Transfer
|
|
79
118
|
# @!attribute [rw] endpoint_type
|
80
119
|
# The type of VPC endpoint that you want your file transfer
|
81
120
|
# protocol-enabled server to connect to. You can choose to connect to
|
82
|
-
# the public internet or a
|
83
|
-
#
|
84
|
-
#
|
121
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
122
|
+
# restrict access to your server and resources only within your VPC.
|
123
|
+
#
|
124
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With
|
125
|
+
# this endpoint type, you have the option to directly associate up to
|
126
|
+
# three Elastic IPv4 addresses (BYO IP included) with your server's
|
127
|
+
# endpoint and use VPC security groups to restrict traffic by the
|
128
|
+
# client's public IP address. This is not possible with
|
129
|
+
# `EndpointType` set to `VPC_ENDPOINT`.
|
130
|
+
#
|
131
|
+
# </note>
|
85
132
|
# @return [String]
|
86
133
|
#
|
87
134
|
# @!attribute [rw] host_key
|
88
|
-
# The RSA private key as generated by the `ssh-keygen -N "" -f
|
135
|
+
# The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
|
89
136
|
# my-new-server-key` command.
|
90
137
|
#
|
91
138
|
# If you aren't planning to migrate existing users from an existing
|
92
139
|
# SFTP-enabled server to a new server, don't update the host key.
|
93
140
|
# Accidentally changing a server's host key can be disruptive.
|
94
141
|
#
|
95
|
-
# For more information, see [
|
96
|
-
#
|
142
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
143
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
97
144
|
#
|
98
145
|
#
|
99
146
|
#
|
100
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
147
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
101
148
|
# @return [String]
|
102
149
|
#
|
103
150
|
# @!attribute [rw] identity_provider_details
|
@@ -128,13 +175,30 @@ module Aws::Transfer
|
|
128
175
|
# file transfer protocol client can connect to your server's
|
129
176
|
# endpoint. The available protocols are:
|
130
177
|
#
|
131
|
-
# * Secure Shell (SSH) File Transfer Protocol
|
178
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
132
179
|
# over SSH
|
133
180
|
#
|
134
|
-
# * File Transfer Protocol Secure
|
181
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
135
182
|
# encryption
|
136
183
|
#
|
137
|
-
# * File Transfer Protocol
|
184
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
185
|
+
#
|
186
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
187
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
188
|
+
# when clients connect to it over FTPS.
|
189
|
+
#
|
190
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the
|
191
|
+
# `EndpointType` must be `VPC` and the `IdentityProviderType` must be
|
192
|
+
# `API_GATEWAY`.
|
193
|
+
#
|
194
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
195
|
+
# associated.
|
196
|
+
#
|
197
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
|
198
|
+
# to `PUBLIC` and the `IdentityProviderType` can be set to
|
199
|
+
# `SERVICE_MANAGED`.
|
200
|
+
#
|
201
|
+
# </note>
|
138
202
|
# @return [Array<String>]
|
139
203
|
#
|
140
204
|
# @!attribute [rw] tags
|
@@ -154,6 +218,7 @@ module Aws::Transfer
|
|
154
218
|
:logging_role,
|
155
219
|
:protocols,
|
156
220
|
:tags)
|
221
|
+
SENSITIVE = [:host_key]
|
157
222
|
include Aws::Structure
|
158
223
|
end
|
159
224
|
|
@@ -166,6 +231,7 @@ module Aws::Transfer
|
|
166
231
|
#
|
167
232
|
class CreateServerResponse < Struct.new(
|
168
233
|
:server_id)
|
234
|
+
SENSITIVE = []
|
169
235
|
include Aws::Structure
|
170
236
|
end
|
171
237
|
|
@@ -198,7 +264,8 @@ module Aws::Transfer
|
|
198
264
|
# The landing directory (folder) for a user when they log in to the
|
199
265
|
# file transfer protocol-enabled server using the client.
|
200
266
|
#
|
201
|
-
# An example is
|
267
|
+
# An example is <i>
|
268
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
202
269
|
# @return [String]
|
203
270
|
#
|
204
271
|
# @!attribute [rw] home_directory_type
|
@@ -217,8 +284,8 @@ module Aws::Transfer
|
|
217
284
|
# visible. You will need to specify the "`Entry`" and "`Target`"
|
218
285
|
# pair, where `Entry` shows how the path is made visible and `Target`
|
219
286
|
# is the actual Amazon S3 path. If you only specify a target, it will
|
220
|
-
# be displayed as is. You will need to also make sure that your
|
221
|
-
#
|
287
|
+
# be displayed as is. You will need to also make sure that your IAM
|
288
|
+
# role provides access to paths in `Target`. The following is an
|
222
289
|
# example.
|
223
290
|
#
|
224
291
|
# `'[ "/bucket2/documentation", \{ "Entry":
|
@@ -254,8 +321,8 @@ module Aws::Transfer
|
|
254
321
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
255
322
|
# argument.
|
256
323
|
#
|
257
|
-
# For an example of a scope-down policy, see [Creating a
|
258
|
-
#
|
324
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
325
|
+
# policy][1].
|
259
326
|
#
|
260
327
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
261
328
|
# Service API Reference*.
|
@@ -314,6 +381,7 @@ module Aws::Transfer
|
|
314
381
|
:ssh_public_key_body,
|
315
382
|
:tags,
|
316
383
|
:user_name)
|
384
|
+
SENSITIVE = []
|
317
385
|
include Aws::Structure
|
318
386
|
end
|
319
387
|
|
@@ -332,6 +400,7 @@ module Aws::Transfer
|
|
332
400
|
class CreateUserResponse < Struct.new(
|
333
401
|
:server_id,
|
334
402
|
:user_name)
|
403
|
+
SENSITIVE = []
|
335
404
|
include Aws::Structure
|
336
405
|
end
|
337
406
|
|
@@ -351,6 +420,7 @@ module Aws::Transfer
|
|
351
420
|
#
|
352
421
|
class DeleteServerRequest < Struct.new(
|
353
422
|
:server_id)
|
423
|
+
SENSITIVE = []
|
354
424
|
include Aws::Structure
|
355
425
|
end
|
356
426
|
|
@@ -383,6 +453,7 @@ module Aws::Transfer
|
|
383
453
|
:server_id,
|
384
454
|
:ssh_public_key_id,
|
385
455
|
:user_name)
|
456
|
+
SENSITIVE = []
|
386
457
|
include Aws::Structure
|
387
458
|
end
|
388
459
|
|
@@ -409,6 +480,7 @@ module Aws::Transfer
|
|
409
480
|
class DeleteUserRequest < Struct.new(
|
410
481
|
:server_id,
|
411
482
|
:user_name)
|
483
|
+
SENSITIVE = []
|
412
484
|
include Aws::Structure
|
413
485
|
end
|
414
486
|
|
@@ -428,6 +500,7 @@ module Aws::Transfer
|
|
428
500
|
#
|
429
501
|
class DescribeServerRequest < Struct.new(
|
430
502
|
:server_id)
|
503
|
+
SENSITIVE = []
|
431
504
|
include Aws::Structure
|
432
505
|
end
|
433
506
|
|
@@ -440,6 +513,7 @@ module Aws::Transfer
|
|
440
513
|
#
|
441
514
|
class DescribeServerResponse < Struct.new(
|
442
515
|
:server)
|
516
|
+
SENSITIVE = []
|
443
517
|
include Aws::Structure
|
444
518
|
end
|
445
519
|
|
@@ -468,6 +542,7 @@ module Aws::Transfer
|
|
468
542
|
class DescribeUserRequest < Struct.new(
|
469
543
|
:server_id,
|
470
544
|
:user_name)
|
545
|
+
SENSITIVE = []
|
471
546
|
include Aws::Structure
|
472
547
|
end
|
473
548
|
|
@@ -486,14 +561,17 @@ module Aws::Transfer
|
|
486
561
|
class DescribeUserResponse < Struct.new(
|
487
562
|
:server_id,
|
488
563
|
:user)
|
564
|
+
SENSITIVE = []
|
489
565
|
include Aws::Structure
|
490
566
|
end
|
491
567
|
|
492
568
|
# Describes the properties of a file transfer protocol-enabled server
|
493
569
|
# that was specified. Information returned includes the following: the
|
494
|
-
# server Amazon Resource Name (ARN), the
|
495
|
-
#
|
496
|
-
#
|
570
|
+
# server Amazon Resource Name (ARN), the certificate ARN (if the FTPS
|
571
|
+
# protocol was selected), the endpoint type and details, the
|
572
|
+
# authentication configuration and type, the logging role, the file
|
573
|
+
# transfer protocol or protocols, the server ID and state, and assigned
|
574
|
+
# tags or metadata.
|
497
575
|
#
|
498
576
|
# @!attribute [rw] arn
|
499
577
|
# Specifies the unique Amazon Resource Name (ARN) for a file transfer
|
@@ -501,25 +579,26 @@ module Aws::Transfer
|
|
501
579
|
# @return [String]
|
502
580
|
#
|
503
581
|
# @!attribute [rw] certificate
|
504
|
-
#
|
505
|
-
#
|
582
|
+
# Specifies the ARN of the AWS Certificate Manager (ACM) certificate.
|
583
|
+
# Required when `Protocols` is set to `FTPS`.
|
506
584
|
# @return [String]
|
507
585
|
#
|
508
586
|
# @!attribute [rw] endpoint_details
|
509
|
-
#
|
587
|
+
# Specifies the virtual private cloud (VPC) endpoint settings that you
|
510
588
|
# configured for your file transfer protocol-enabled server.
|
511
589
|
# @return [Types::EndpointDetails]
|
512
590
|
#
|
513
591
|
# @!attribute [rw] endpoint_type
|
514
|
-
#
|
515
|
-
# is connected to. If your server is connected
|
516
|
-
# server isn't accessible over the public
|
592
|
+
# Defines the type of endpoint that your file transfer
|
593
|
+
# protocol-enabled server is connected to. If your server is connected
|
594
|
+
# to a VPC endpoint, your server isn't accessible over the public
|
595
|
+
# internet.
|
517
596
|
# @return [String]
|
518
597
|
#
|
519
598
|
# @!attribute [rw] host_key_fingerprint
|
520
|
-
#
|
521
|
-
#
|
522
|
-
#
|
599
|
+
# Specifies the Base64-encoded SHA256 fingerprint of the server's
|
600
|
+
# host key. This value is equivalent to the output of the `ssh-keygen
|
601
|
+
# -l -f my-new-server-key` command.
|
523
602
|
# @return [String]
|
524
603
|
#
|
525
604
|
# @!attribute [rw] identity_provider_details
|
@@ -529,19 +608,19 @@ module Aws::Transfer
|
|
529
608
|
# @return [Types::IdentityProviderDetails]
|
530
609
|
#
|
531
610
|
# @!attribute [rw] identity_provider_type
|
532
|
-
#
|
533
|
-
# A value of `SERVICE_MANAGED` means that you are using this
|
534
|
-
# transfer protocol-enabled server to store and access user
|
611
|
+
# Specifies the mode of authentication method enabled for this
|
612
|
+
# service. A value of `SERVICE_MANAGED` means that you are using this
|
613
|
+
# file transfer protocol-enabled server to store and access user
|
535
614
|
# credentials within the service. A value of `API_GATEWAY` indicates
|
536
615
|
# that you have integrated an API Gateway endpoint that will be
|
537
616
|
# invoked for authenticating your user into the service.
|
538
617
|
# @return [String]
|
539
618
|
#
|
540
619
|
# @!attribute [rw] logging_role
|
541
|
-
#
|
542
|
-
# file transfer protocol-enabled server to turn on Amazon
|
543
|
-
# logging for Amazon S3 events. When set, user activity can
|
544
|
-
# in your CloudWatch logs.
|
620
|
+
# Specifies the AWS Identity and Access Management (IAM) role that
|
621
|
+
# allows a file transfer protocol-enabled server to turn on Amazon
|
622
|
+
# CloudWatch logging for Amazon S3 events. When set, user activity can
|
623
|
+
# be viewed in your CloudWatch logs.
|
545
624
|
# @return [String]
|
546
625
|
#
|
547
626
|
# @!attribute [rw] protocols
|
@@ -549,25 +628,25 @@ module Aws::Transfer
|
|
549
628
|
# file transfer protocol client can connect to your server's
|
550
629
|
# endpoint. The available protocols are:
|
551
630
|
#
|
552
|
-
# * Secure Shell (SSH) File Transfer Protocol
|
631
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
553
632
|
# over SSH
|
554
633
|
#
|
555
|
-
# * File Transfer Protocol Secure
|
634
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
556
635
|
# encryption
|
557
636
|
#
|
558
|
-
# * File Transfer Protocol
|
637
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
559
638
|
# @return [Array<String>]
|
560
639
|
#
|
561
640
|
# @!attribute [rw] server_id
|
562
|
-
#
|
641
|
+
# Specifies the unique system-assigned identifier for a file transfer
|
563
642
|
# protocol-enabled server that you instantiate.
|
564
643
|
# @return [String]
|
565
644
|
#
|
566
645
|
# @!attribute [rw] state
|
567
|
-
#
|
568
|
-
# server that was described. A value of `ONLINE` indicates
|
569
|
-
# server can accept jobs and transfer files. A `State` value
|
570
|
-
# `OFFLINE` means that the server cannot perform file transfer
|
646
|
+
# Specifies the condition of a file transfer protocol-enabled server
|
647
|
+
# for the server that was described. A value of `ONLINE` indicates
|
648
|
+
# that the server can accept jobs and transfer files. A `State` value
|
649
|
+
# of `OFFLINE` means that the server cannot perform file transfer
|
571
650
|
# operations.
|
572
651
|
#
|
573
652
|
# The states of `STARTING` and `STOPPING` indicate that the server is
|
@@ -577,13 +656,13 @@ module Aws::Transfer
|
|
577
656
|
# @return [String]
|
578
657
|
#
|
579
658
|
# @!attribute [rw] tags
|
580
|
-
#
|
659
|
+
# Specifies the key-value pairs that you can use to search for and
|
581
660
|
# group file transfer protocol-enabled servers that were assigned to
|
582
661
|
# the server that was described.
|
583
662
|
# @return [Array<Types::Tag>]
|
584
663
|
#
|
585
664
|
# @!attribute [rw] user_count
|
586
|
-
#
|
665
|
+
# Specifies the number of users that are assigned to a file transfer
|
587
666
|
# protocol-enabled server you specified with the `ServerId`.
|
588
667
|
# @return [Integer]
|
589
668
|
#
|
@@ -603,31 +682,33 @@ module Aws::Transfer
|
|
603
682
|
:state,
|
604
683
|
:tags,
|
605
684
|
:user_count)
|
685
|
+
SENSITIVE = []
|
606
686
|
include Aws::Structure
|
607
687
|
end
|
608
688
|
|
609
689
|
# Returns properties of the user that you want to describe.
|
610
690
|
#
|
611
691
|
# @!attribute [rw] arn
|
612
|
-
#
|
613
|
-
# requested to be described.
|
692
|
+
# Specifies the unique Amazon Resource Name (ARN) for the user that
|
693
|
+
# was requested to be described.
|
614
694
|
# @return [String]
|
615
695
|
#
|
616
696
|
# @!attribute [rw] home_directory
|
617
697
|
# Specifies the landing directory (or folder), which is the location
|
618
|
-
# that files are written to or read from in an Amazon S3 bucket for
|
619
|
-
# the described user. An example is
|
620
|
-
# name
|
698
|
+
# that files are written to or read from in an Amazon S3 bucket, for
|
699
|
+
# the described user. An example is <i>
|
700
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
621
701
|
# @return [String]
|
622
702
|
#
|
623
703
|
# @!attribute [rw] home_directory_mappings
|
624
|
-
#
|
704
|
+
# Specifies the logical directory mappings that specify what Amazon S3
|
625
705
|
# paths and keys should be visible to your user and how you want to
|
626
706
|
# make them visible. You will need to specify the "`Entry`" and
|
627
707
|
# "`Target`" pair, where `Entry` shows how the path is made visible
|
628
708
|
# and `Target` is the actual Amazon S3 path. If you only specify a
|
629
709
|
# target, it will be displayed as is. You will need to also make sure
|
630
|
-
# that your AWS
|
710
|
+
# that your AWS Identity and Access Management (IAM) role provides
|
711
|
+
# access to paths in `Target`.
|
631
712
|
#
|
632
713
|
# In most cases, you can use this value instead of the scope-down
|
633
714
|
# policy to lock your user down to the designated home directory
|
@@ -636,13 +717,13 @@ module Aws::Transfer
|
|
636
717
|
# @return [Array<Types::HomeDirectoryMapEntry>]
|
637
718
|
#
|
638
719
|
# @!attribute [rw] home_directory_type
|
639
|
-
#
|
640
|
-
# see when they log into the file transfer protocol-enabled
|
641
|
-
# you set it to `PATH`, the user will see the absolute
|
642
|
-
# bucket paths as is in their file transfer protocol
|
643
|
-
# set it `LOGICAL`, you will need to provide mappings
|
644
|
-
# `HomeDirectoryMappings` for how you want to make Amazon S3
|
645
|
-
# visible to your users.
|
720
|
+
# Specifies the type of landing directory (folder) you mapped for your
|
721
|
+
# users to see when they log into the file transfer protocol-enabled
|
722
|
+
# server. If you set it to `PATH`, the user will see the absolute
|
723
|
+
# Amazon S3 bucket paths as is in their file transfer protocol
|
724
|
+
# clients. If you set it `LOGICAL`, you will need to provide mappings
|
725
|
+
# in the `HomeDirectoryMappings` for how you want to make Amazon S3
|
726
|
+
# paths visible to your users.
|
646
727
|
# @return [String]
|
647
728
|
#
|
648
729
|
# @!attribute [rw] policy
|
@@ -660,20 +741,20 @@ module Aws::Transfer
|
|
660
741
|
# @return [String]
|
661
742
|
#
|
662
743
|
# @!attribute [rw] ssh_public_keys
|
663
|
-
#
|
744
|
+
# Specifies the public key portion of the Secure Shell (SSH) keys
|
664
745
|
# stored for the described user.
|
665
746
|
# @return [Array<Types::SshPublicKey>]
|
666
747
|
#
|
667
748
|
# @!attribute [rw] tags
|
668
|
-
#
|
669
|
-
# to search for and group users for a variety of purposes.
|
749
|
+
# Specifies the key-value pairs for the user requested. Tag can be
|
750
|
+
# used to search for and group users for a variety of purposes.
|
670
751
|
# @return [Array<Types::Tag>]
|
671
752
|
#
|
672
753
|
# @!attribute [rw] user_name
|
673
|
-
#
|
674
|
-
# are used for authentication purposes. This is the string
|
675
|
-
# be used by your user when they log in to your file
|
676
|
-
# protocol-enabled server.
|
754
|
+
# Specifies the name of the user that was requested to be described.
|
755
|
+
# User names are used for authentication purposes. This is the string
|
756
|
+
# that will be used by your user when they log in to your file
|
757
|
+
# transfer protocol-enabled server.
|
677
758
|
# @return [String]
|
678
759
|
#
|
679
760
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedUser AWS API Documentation
|
@@ -688,6 +769,7 @@ module Aws::Transfer
|
|
688
769
|
:ssh_public_keys,
|
689
770
|
:tags,
|
690
771
|
:user_name)
|
772
|
+
SENSITIVE = []
|
691
773
|
include Aws::Structure
|
692
774
|
end
|
693
775
|
|
@@ -720,15 +802,28 @@ module Aws::Transfer
|
|
720
802
|
# @!attribute [rw] subnet_ids
|
721
803
|
# A list of subnet IDs that are required to host your file transfer
|
722
804
|
# protocol-enabled server endpoint in your VPC.
|
805
|
+
#
|
806
|
+
# <note markdown="1"> This property can only be used when `EndpointType` is set to `VPC`.
|
807
|
+
#
|
808
|
+
# </note>
|
723
809
|
# @return [Array<String>]
|
724
810
|
#
|
725
811
|
# @!attribute [rw] vpc_endpoint_id
|
726
812
|
# The ID of the VPC endpoint.
|
813
|
+
#
|
814
|
+
# <note markdown="1"> This property can only be used when `EndpointType` is set to
|
815
|
+
# `VPC_ENDPOINT`.
|
816
|
+
#
|
817
|
+
# </note>
|
727
818
|
# @return [String]
|
728
819
|
#
|
729
820
|
# @!attribute [rw] vpc_id
|
730
821
|
# The VPC ID of the VPC in which a file transfer protocol-enabled
|
731
822
|
# server's endpoint will be hosted.
|
823
|
+
#
|
824
|
+
# <note markdown="1"> This property can only be used when `EndpointType` is set to `VPC`.
|
825
|
+
#
|
826
|
+
# </note>
|
732
827
|
# @return [String]
|
733
828
|
#
|
734
829
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/EndpointDetails AWS API Documentation
|
@@ -738,6 +833,7 @@ module Aws::Transfer
|
|
738
833
|
:subnet_ids,
|
739
834
|
:vpc_endpoint_id,
|
740
835
|
:vpc_id)
|
836
|
+
SENSITIVE = []
|
741
837
|
include Aws::Structure
|
742
838
|
end
|
743
839
|
|
@@ -765,6 +861,7 @@ module Aws::Transfer
|
|
765
861
|
class HomeDirectoryMapEntry < Struct.new(
|
766
862
|
:entry,
|
767
863
|
:target)
|
864
|
+
SENSITIVE = []
|
768
865
|
include Aws::Structure
|
769
866
|
end
|
770
867
|
|
@@ -781,7 +878,7 @@ module Aws::Transfer
|
|
781
878
|
# }
|
782
879
|
#
|
783
880
|
# @!attribute [rw] url
|
784
|
-
#
|
881
|
+
# Provides the location of the service endpoint used to authenticate
|
785
882
|
# users.
|
786
883
|
# @return [String]
|
787
884
|
#
|
@@ -795,6 +892,7 @@ module Aws::Transfer
|
|
795
892
|
class IdentityProviderDetails < Struct.new(
|
796
893
|
:url,
|
797
894
|
:invocation_role)
|
895
|
+
SENSITIVE = []
|
798
896
|
include Aws::Structure
|
799
897
|
end
|
800
898
|
|
@@ -827,6 +925,7 @@ module Aws::Transfer
|
|
827
925
|
:server_id,
|
828
926
|
:ssh_public_key_body,
|
829
927
|
:user_name)
|
928
|
+
SENSITIVE = []
|
830
929
|
include Aws::Structure
|
831
930
|
end
|
832
931
|
|
@@ -854,6 +953,7 @@ module Aws::Transfer
|
|
854
953
|
:server_id,
|
855
954
|
:ssh_public_key_id,
|
856
955
|
:user_name)
|
956
|
+
SENSITIVE = []
|
857
957
|
include Aws::Structure
|
858
958
|
end
|
859
959
|
|
@@ -867,6 +967,7 @@ module Aws::Transfer
|
|
867
967
|
#
|
868
968
|
class InternalServiceError < Struct.new(
|
869
969
|
:message)
|
970
|
+
SENSITIVE = []
|
870
971
|
include Aws::Structure
|
871
972
|
end
|
872
973
|
|
@@ -879,6 +980,7 @@ module Aws::Transfer
|
|
879
980
|
#
|
880
981
|
class InvalidNextTokenException < Struct.new(
|
881
982
|
:message)
|
983
|
+
SENSITIVE = []
|
882
984
|
include Aws::Structure
|
883
985
|
end
|
884
986
|
|
@@ -891,6 +993,7 @@ module Aws::Transfer
|
|
891
993
|
#
|
892
994
|
class InvalidRequestException < Struct.new(
|
893
995
|
:message)
|
996
|
+
SENSITIVE = []
|
894
997
|
include Aws::Structure
|
895
998
|
end
|
896
999
|
|
@@ -919,6 +1022,7 @@ module Aws::Transfer
|
|
919
1022
|
class ListServersRequest < Struct.new(
|
920
1023
|
:max_results,
|
921
1024
|
:next_token)
|
1025
|
+
SENSITIVE = []
|
922
1026
|
include Aws::Structure
|
923
1027
|
end
|
924
1028
|
|
@@ -938,6 +1042,7 @@ module Aws::Transfer
|
|
938
1042
|
class ListServersResponse < Struct.new(
|
939
1043
|
:next_token,
|
940
1044
|
:servers)
|
1045
|
+
SENSITIVE = []
|
941
1046
|
include Aws::Structure
|
942
1047
|
end
|
943
1048
|
|
@@ -974,6 +1079,7 @@ module Aws::Transfer
|
|
974
1079
|
:arn,
|
975
1080
|
:max_results,
|
976
1081
|
:next_token)
|
1082
|
+
SENSITIVE = []
|
977
1083
|
include Aws::Structure
|
978
1084
|
end
|
979
1085
|
|
@@ -1000,6 +1106,7 @@ module Aws::Transfer
|
|
1000
1106
|
:arn,
|
1001
1107
|
:next_token,
|
1002
1108
|
:tags)
|
1109
|
+
SENSITIVE = []
|
1003
1110
|
include Aws::Structure
|
1004
1111
|
end
|
1005
1112
|
|
@@ -1035,6 +1142,7 @@ module Aws::Transfer
|
|
1035
1142
|
:max_results,
|
1036
1143
|
:next_token,
|
1037
1144
|
:server_id)
|
1145
|
+
SENSITIVE = []
|
1038
1146
|
include Aws::Structure
|
1039
1147
|
end
|
1040
1148
|
|
@@ -1061,6 +1169,7 @@ module Aws::Transfer
|
|
1061
1169
|
:next_token,
|
1062
1170
|
:server_id,
|
1063
1171
|
:users)
|
1172
|
+
SENSITIVE = []
|
1064
1173
|
include Aws::Structure
|
1065
1174
|
end
|
1066
1175
|
|
@@ -1068,37 +1177,38 @@ module Aws::Transfer
|
|
1068
1177
|
# specified.
|
1069
1178
|
#
|
1070
1179
|
# @!attribute [rw] arn
|
1071
|
-
#
|
1180
|
+
# Specifies the unique Amazon Resource Name (ARN) for a file transfer
|
1072
1181
|
# protocol-enabled server to be listed.
|
1073
1182
|
# @return [String]
|
1074
1183
|
#
|
1075
1184
|
# @!attribute [rw] identity_provider_type
|
1076
|
-
#
|
1077
|
-
# transfer protocol-enabled server that was specified. This can
|
1185
|
+
# Specifies the authentication method used to validate a user for a
|
1186
|
+
# file transfer protocol-enabled server that was specified. This can
|
1078
1187
|
# include Secure Shell (SSH), user name and password combinations, or
|
1079
1188
|
# your own custom authentication method. Valid values include
|
1080
1189
|
# `SERVICE_MANAGED` or `API_GATEWAY`.
|
1081
1190
|
# @return [String]
|
1082
1191
|
#
|
1083
1192
|
# @!attribute [rw] endpoint_type
|
1084
|
-
#
|
1085
|
-
# server is connected to. If your server is connected
|
1086
|
-
# endpoint, your server isn't accessible over the public
|
1193
|
+
# Specifies the type of VPC endpoint that your file transfer
|
1194
|
+
# protocol-enabled server is connected to. If your server is connected
|
1195
|
+
# to a VPC endpoint, your server isn't accessible over the public
|
1196
|
+
# internet.
|
1087
1197
|
# @return [String]
|
1088
1198
|
#
|
1089
1199
|
# @!attribute [rw] logging_role
|
1090
|
-
#
|
1091
|
-
# file transfer protocol-enabled server to turn on Amazon
|
1092
|
-
# logging.
|
1200
|
+
# Specifies the AWS Identity and Access Management (IAM) role that
|
1201
|
+
# allows a file transfer protocol-enabled server to turn on Amazon
|
1202
|
+
# CloudWatch logging.
|
1093
1203
|
# @return [String]
|
1094
1204
|
#
|
1095
1205
|
# @!attribute [rw] server_id
|
1096
|
-
#
|
1206
|
+
# Specifies the unique system assigned identifier for a file transfer
|
1097
1207
|
# protocol-enabled servers that were listed.
|
1098
1208
|
# @return [String]
|
1099
1209
|
#
|
1100
1210
|
# @!attribute [rw] state
|
1101
|
-
#
|
1211
|
+
# Specifies the condition of a file transfer protocol-enabled server
|
1102
1212
|
# for the server that was described. A value of `ONLINE` indicates
|
1103
1213
|
# that the server can accept jobs and transfer files. A `State` value
|
1104
1214
|
# of `OFFLINE` means that the server cannot perform file transfer
|
@@ -1111,9 +1221,8 @@ module Aws::Transfer
|
|
1111
1221
|
# @return [String]
|
1112
1222
|
#
|
1113
1223
|
# @!attribute [rw] user_count
|
1114
|
-
#
|
1115
|
-
#
|
1116
|
-
# `ServerId`.
|
1224
|
+
# Specifies the number of users that are assigned to a file transfer
|
1225
|
+
# protocol-enabled server you specified with the `ServerId`.
|
1117
1226
|
# @return [Integer]
|
1118
1227
|
#
|
1119
1228
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedServer AWS API Documentation
|
@@ -1126,14 +1235,15 @@ module Aws::Transfer
|
|
1126
1235
|
:server_id,
|
1127
1236
|
:state,
|
1128
1237
|
:user_count)
|
1238
|
+
SENSITIVE = []
|
1129
1239
|
include Aws::Structure
|
1130
1240
|
end
|
1131
1241
|
|
1132
1242
|
# Returns properties of the user that you specify.
|
1133
1243
|
#
|
1134
1244
|
# @!attribute [rw] arn
|
1135
|
-
#
|
1136
|
-
# learn about.
|
1245
|
+
# Provides the unique Amazon Resource Name (ARN) for the user that you
|
1246
|
+
# want to learn about.
|
1137
1247
|
# @return [String]
|
1138
1248
|
#
|
1139
1249
|
# @!attribute [rw] home_directory
|
@@ -1142,29 +1252,31 @@ module Aws::Transfer
|
|
1142
1252
|
# @return [String]
|
1143
1253
|
#
|
1144
1254
|
# @!attribute [rw] home_directory_type
|
1145
|
-
#
|
1146
|
-
# home directory. If you set it to `PATH`, the user will see
|
1147
|
-
# absolute Amazon S3 bucket paths as is in their file transfer
|
1255
|
+
# Specifies the type of landing directory (folder) you mapped for your
|
1256
|
+
# users' home directory. If you set it to `PATH`, the user will see
|
1257
|
+
# the absolute Amazon S3 bucket paths as is in their file transfer
|
1148
1258
|
# protocol clients. If you set it `LOGICAL`, you will need to provide
|
1149
1259
|
# mappings in the `HomeDirectoryMappings` for how you want to make
|
1150
1260
|
# Amazon S3 paths visible to your users.
|
1151
1261
|
# @return [String]
|
1152
1262
|
#
|
1153
1263
|
# @!attribute [rw] role
|
1154
|
-
#
|
1155
|
-
# Management (IAM) entity that, in this case,
|
1156
|
-
# protocol-enabled server to act on a user's
|
1157
|
-
# server to inherit the trust relationship that
|
1158
|
-
# perform file operations to their Amazon S3
|
1264
|
+
# Specifies the role that is in use by this user. A *role* is an AWS
|
1265
|
+
# Identity and Access Management (IAM) entity that, in this case,
|
1266
|
+
# allows a file transfer protocol-enabled server to act on a user's
|
1267
|
+
# behalf. It allows the server to inherit the trust relationship that
|
1268
|
+
# enables that user to perform file operations to their Amazon S3
|
1269
|
+
# bucket.
|
1159
1270
|
# @return [String]
|
1160
1271
|
#
|
1161
1272
|
# @!attribute [rw] ssh_public_key_count
|
1162
|
-
#
|
1273
|
+
# Specifies the number of SSH public keys stored for the user you
|
1274
|
+
# specified.
|
1163
1275
|
# @return [Integer]
|
1164
1276
|
#
|
1165
1277
|
# @!attribute [rw] user_name
|
1166
|
-
#
|
1167
|
-
# for authentication purposes.
|
1278
|
+
# Specifies the name of the user whose ARN was specified. User names
|
1279
|
+
# are used for authentication purposes.
|
1168
1280
|
# @return [String]
|
1169
1281
|
#
|
1170
1282
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedUser AWS API Documentation
|
@@ -1176,6 +1288,7 @@ module Aws::Transfer
|
|
1176
1288
|
:role,
|
1177
1289
|
:ssh_public_key_count,
|
1178
1290
|
:user_name)
|
1291
|
+
SENSITIVE = []
|
1179
1292
|
include Aws::Structure
|
1180
1293
|
end
|
1181
1294
|
|
@@ -1196,6 +1309,7 @@ module Aws::Transfer
|
|
1196
1309
|
:message,
|
1197
1310
|
:resource,
|
1198
1311
|
:resource_type)
|
1312
|
+
SENSITIVE = []
|
1199
1313
|
include Aws::Structure
|
1200
1314
|
end
|
1201
1315
|
|
@@ -1217,6 +1331,7 @@ module Aws::Transfer
|
|
1217
1331
|
:message,
|
1218
1332
|
:resource,
|
1219
1333
|
:resource_type)
|
1334
|
+
SENSITIVE = []
|
1220
1335
|
include Aws::Structure
|
1221
1336
|
end
|
1222
1337
|
|
@@ -1230,6 +1345,7 @@ module Aws::Transfer
|
|
1230
1345
|
#
|
1231
1346
|
class ServiceUnavailableException < Struct.new(
|
1232
1347
|
:message)
|
1348
|
+
SENSITIVE = []
|
1233
1349
|
include Aws::Structure
|
1234
1350
|
end
|
1235
1351
|
|
@@ -1241,16 +1357,18 @@ module Aws::Transfer
|
|
1241
1357
|
# public key associated with their user name on a specific server.
|
1242
1358
|
#
|
1243
1359
|
# @!attribute [rw] date_imported
|
1244
|
-
#
|
1360
|
+
# Specifies the date that the public key was added to the user
|
1361
|
+
# account.
|
1245
1362
|
# @return [Time]
|
1246
1363
|
#
|
1247
1364
|
# @!attribute [rw] ssh_public_key_body
|
1248
|
-
#
|
1365
|
+
# Specifies the content of the SSH public key as specified by the
|
1366
|
+
# `PublicKeyId`.
|
1249
1367
|
# @return [String]
|
1250
1368
|
#
|
1251
1369
|
# @!attribute [rw] ssh_public_key_id
|
1252
|
-
#
|
1253
|
-
# key.
|
1370
|
+
# Specifies the `SshPublicKeyId` parameter contains the identifier of
|
1371
|
+
# the public key.
|
1254
1372
|
# @return [String]
|
1255
1373
|
#
|
1256
1374
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/SshPublicKey AWS API Documentation
|
@@ -1259,6 +1377,7 @@ module Aws::Transfer
|
|
1259
1377
|
:date_imported,
|
1260
1378
|
:ssh_public_key_body,
|
1261
1379
|
:ssh_public_key_id)
|
1380
|
+
SENSITIVE = []
|
1262
1381
|
include Aws::Structure
|
1263
1382
|
end
|
1264
1383
|
|
@@ -1278,6 +1397,7 @@ module Aws::Transfer
|
|
1278
1397
|
#
|
1279
1398
|
class StartServerRequest < Struct.new(
|
1280
1399
|
:server_id)
|
1400
|
+
SENSITIVE = []
|
1281
1401
|
include Aws::Structure
|
1282
1402
|
end
|
1283
1403
|
|
@@ -1297,6 +1417,7 @@ module Aws::Transfer
|
|
1297
1417
|
#
|
1298
1418
|
class StopServerRequest < Struct.new(
|
1299
1419
|
:server_id)
|
1420
|
+
SENSITIVE = []
|
1300
1421
|
include Aws::Structure
|
1301
1422
|
end
|
1302
1423
|
|
@@ -1329,6 +1450,7 @@ module Aws::Transfer
|
|
1329
1450
|
class Tag < Struct.new(
|
1330
1451
|
:key,
|
1331
1452
|
:value)
|
1453
|
+
SENSITIVE = []
|
1332
1454
|
include Aws::Structure
|
1333
1455
|
end
|
1334
1456
|
|
@@ -1361,6 +1483,7 @@ module Aws::Transfer
|
|
1361
1483
|
class TagResourceRequest < Struct.new(
|
1362
1484
|
:arn,
|
1363
1485
|
:tags)
|
1486
|
+
SENSITIVE = []
|
1364
1487
|
include Aws::Structure
|
1365
1488
|
end
|
1366
1489
|
|
@@ -1369,9 +1492,10 @@ module Aws::Transfer
|
|
1369
1492
|
#
|
1370
1493
|
# {
|
1371
1494
|
# server_id: "ServerId", # required
|
1495
|
+
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1496
|
+
# source_ip: "SourceIp",
|
1372
1497
|
# user_name: "UserName", # required
|
1373
1498
|
# user_password: "UserPassword",
|
1374
|
-
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1375
1499
|
# }
|
1376
1500
|
#
|
1377
1501
|
# @!attribute [rw] server_id
|
@@ -1380,14 +1504,6 @@ module Aws::Transfer
|
|
1380
1504
|
# is tested with a user name and password.
|
1381
1505
|
# @return [String]
|
1382
1506
|
#
|
1383
|
-
# @!attribute [rw] user_name
|
1384
|
-
# The name of the user account to be tested.
|
1385
|
-
# @return [String]
|
1386
|
-
#
|
1387
|
-
# @!attribute [rw] user_password
|
1388
|
-
# The password of the user account to be tested.
|
1389
|
-
# @return [String]
|
1390
|
-
#
|
1391
1507
|
# @!attribute [rw] server_protocol
|
1392
1508
|
# The type of file transfer protocol to be tested.
|
1393
1509
|
#
|
@@ -1400,13 +1516,27 @@ module Aws::Transfer
|
|
1400
1516
|
# * File Transfer Protocol (FTP)
|
1401
1517
|
# @return [String]
|
1402
1518
|
#
|
1519
|
+
# @!attribute [rw] source_ip
|
1520
|
+
# The source IP address of the user account to be tested.
|
1521
|
+
# @return [String]
|
1522
|
+
#
|
1523
|
+
# @!attribute [rw] user_name
|
1524
|
+
# The name of the user account to be tested.
|
1525
|
+
# @return [String]
|
1526
|
+
#
|
1527
|
+
# @!attribute [rw] user_password
|
1528
|
+
# The password of the user account to be tested.
|
1529
|
+
# @return [String]
|
1530
|
+
#
|
1403
1531
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/TestIdentityProviderRequest AWS API Documentation
|
1404
1532
|
#
|
1405
1533
|
class TestIdentityProviderRequest < Struct.new(
|
1406
1534
|
:server_id,
|
1535
|
+
:server_protocol,
|
1536
|
+
:source_ip,
|
1407
1537
|
:user_name,
|
1408
|
-
:user_password
|
1409
|
-
:
|
1538
|
+
:user_password)
|
1539
|
+
SENSITIVE = [:user_password]
|
1410
1540
|
include Aws::Structure
|
1411
1541
|
end
|
1412
1542
|
|
@@ -1433,6 +1563,7 @@ module Aws::Transfer
|
|
1433
1563
|
:status_code,
|
1434
1564
|
:message,
|
1435
1565
|
:url)
|
1566
|
+
SENSITIVE = []
|
1436
1567
|
include Aws::Structure
|
1437
1568
|
end
|
1438
1569
|
|
@@ -1447,6 +1578,7 @@ module Aws::Transfer
|
|
1447
1578
|
#
|
1448
1579
|
class ThrottlingException < Struct.new(
|
1449
1580
|
:retry_after_seconds)
|
1581
|
+
SENSITIVE = []
|
1450
1582
|
include Aws::Structure
|
1451
1583
|
end
|
1452
1584
|
|
@@ -1475,6 +1607,7 @@ module Aws::Transfer
|
|
1475
1607
|
class UntagResourceRequest < Struct.new(
|
1476
1608
|
:arn,
|
1477
1609
|
:tag_keys)
|
1610
|
+
SENSITIVE = []
|
1478
1611
|
include Aws::Structure
|
1479
1612
|
end
|
1480
1613
|
|
@@ -1503,6 +1636,41 @@ module Aws::Transfer
|
|
1503
1636
|
# @!attribute [rw] certificate
|
1504
1637
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
1505
1638
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
1639
|
+
#
|
1640
|
+
# To request a new public certificate, see [Request a public
|
1641
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
1642
|
+
#
|
1643
|
+
# To import an existing certificate into ACM, see [Importing
|
1644
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
1645
|
+
# Guide</i>.
|
1646
|
+
#
|
1647
|
+
# To request a private certificate to use FTPS through private IP
|
1648
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
1649
|
+
# Certificate Manager User Guide</i>.
|
1650
|
+
#
|
1651
|
+
# Certificates with the following cryptographic algorithms and key
|
1652
|
+
# sizes are supported:
|
1653
|
+
#
|
1654
|
+
# * 2048-bit RSA (RSA\_2048)
|
1655
|
+
#
|
1656
|
+
# * 4096-bit RSA (RSA\_4096)
|
1657
|
+
#
|
1658
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
1659
|
+
#
|
1660
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
1661
|
+
#
|
1662
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
1663
|
+
#
|
1664
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
1665
|
+
# with FQDN or IP address specified and information about the issuer.
|
1666
|
+
#
|
1667
|
+
# </note>
|
1668
|
+
#
|
1669
|
+
#
|
1670
|
+
#
|
1671
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
1672
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1673
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1506
1674
|
# @return [String]
|
1507
1675
|
#
|
1508
1676
|
# @!attribute [rw] endpoint_details
|
@@ -1517,12 +1685,21 @@ module Aws::Transfer
|
|
1517
1685
|
# @!attribute [rw] endpoint_type
|
1518
1686
|
# The type of endpoint that you want your file transfer
|
1519
1687
|
# protocol-enabled server to connect to. You can choose to connect to
|
1520
|
-
# the public internet or a VPC endpoint. With a VPC endpoint,
|
1521
|
-
# server
|
1688
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
1689
|
+
# restrict access to your server and resources only within your VPC.
|
1690
|
+
#
|
1691
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With
|
1692
|
+
# this endpoint type, you have the option to directly associate up to
|
1693
|
+
# three Elastic IPv4 addresses (BYO IP included) with your server's
|
1694
|
+
# endpoint and use VPC security groups to restrict traffic by the
|
1695
|
+
# client's public IP address. This is not possible with
|
1696
|
+
# `EndpointType` set to `VPC_ENDPOINT`.
|
1697
|
+
#
|
1698
|
+
# </note>
|
1522
1699
|
# @return [String]
|
1523
1700
|
#
|
1524
1701
|
# @!attribute [rw] host_key
|
1525
|
-
# The RSA private key as generated by `ssh-keygen -N "" -f
|
1702
|
+
# The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
|
1526
1703
|
# my-new-server-key`.
|
1527
1704
|
#
|
1528
1705
|
# If you aren't planning to migrate existing users from an existing
|
@@ -1530,12 +1707,12 @@ module Aws::Transfer
|
|
1530
1707
|
# the host key. Accidentally changing a server's host key can be
|
1531
1708
|
# disruptive.
|
1532
1709
|
#
|
1533
|
-
# For more information, see [
|
1534
|
-
#
|
1710
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
1711
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
1535
1712
|
#
|
1536
1713
|
#
|
1537
1714
|
#
|
1538
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
1715
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
1539
1716
|
# @return [String]
|
1540
1717
|
#
|
1541
1718
|
# @!attribute [rw] identity_provider_details
|
@@ -1561,6 +1738,23 @@ module Aws::Transfer
|
|
1561
1738
|
# encryption
|
1562
1739
|
#
|
1563
1740
|
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
1741
|
+
#
|
1742
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
1743
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
1744
|
+
# when clients connect to it over FTPS.
|
1745
|
+
#
|
1746
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the
|
1747
|
+
# `EndpointType` must be `VPC` and the `IdentityProviderType` must be
|
1748
|
+
# `API_GATEWAY`.
|
1749
|
+
#
|
1750
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
1751
|
+
# associated.
|
1752
|
+
#
|
1753
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
|
1754
|
+
# to `PUBLIC` and the `IdentityProviderType` can be set to
|
1755
|
+
# `SERVICE_MANAGED`.
|
1756
|
+
#
|
1757
|
+
# </note>
|
1564
1758
|
# @return [Array<String>]
|
1565
1759
|
#
|
1566
1760
|
# @!attribute [rw] server_id
|
@@ -1580,6 +1774,7 @@ module Aws::Transfer
|
|
1580
1774
|
:logging_role,
|
1581
1775
|
:protocols,
|
1582
1776
|
:server_id)
|
1777
|
+
SENSITIVE = [:host_key]
|
1583
1778
|
include Aws::Structure
|
1584
1779
|
end
|
1585
1780
|
|
@@ -1592,6 +1787,7 @@ module Aws::Transfer
|
|
1592
1787
|
#
|
1593
1788
|
class UpdateServerResponse < Struct.new(
|
1594
1789
|
:server_id)
|
1790
|
+
SENSITIVE = []
|
1595
1791
|
include Aws::Structure
|
1596
1792
|
end
|
1597
1793
|
|
@@ -1637,8 +1833,8 @@ module Aws::Transfer
|
|
1637
1833
|
# visible. You will need to specify the "`Entry`" and "`Target`"
|
1638
1834
|
# pair, where `Entry` shows how the path is made visible and `Target`
|
1639
1835
|
# is the actual Amazon S3 path. If you only specify a target, it will
|
1640
|
-
# be displayed as is. You will need to also make sure that your
|
1641
|
-
#
|
1836
|
+
# be displayed as is. You will need to also make sure that your IAM
|
1837
|
+
# role provides access to paths in `Target`. The following is an
|
1642
1838
|
# example.
|
1643
1839
|
#
|
1644
1840
|
# `'[ "/bucket2/documentation", \{ "Entry":
|
@@ -1664,19 +1860,18 @@ module Aws::Transfer
|
|
1664
1860
|
#
|
1665
1861
|
# @!attribute [rw] policy
|
1666
1862
|
# Allows you to supply a scope-down policy for your user so you can
|
1667
|
-
# use the same
|
1668
|
-
#
|
1669
|
-
#
|
1670
|
-
#
|
1671
|
-
# `$\{Transfer:HomeBucket\}`.
|
1863
|
+
# use the same IAM role across multiple users. The policy scopes down
|
1864
|
+
# user access to portions of your Amazon S3 bucket. Variables you can
|
1865
|
+
# use inside this policy include `$\{Transfer:UserName\}`,
|
1866
|
+
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
1672
1867
|
#
|
1673
1868
|
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
1674
1869
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
1675
1870
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
1676
1871
|
# argument.
|
1677
1872
|
#
|
1678
|
-
# For an example of a scope-down policy, see [Creating a
|
1679
|
-
#
|
1873
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
1874
|
+
# policy][1].
|
1680
1875
|
#
|
1681
1876
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
1682
1877
|
# Service API Reference*.
|
@@ -1724,6 +1919,7 @@ module Aws::Transfer
|
|
1724
1919
|
:role,
|
1725
1920
|
:server_id,
|
1726
1921
|
:user_name)
|
1922
|
+
SENSITIVE = []
|
1727
1923
|
include Aws::Structure
|
1728
1924
|
end
|
1729
1925
|
|
@@ -1747,6 +1943,7 @@ module Aws::Transfer
|
|
1747
1943
|
class UpdateUserResponse < Struct.new(
|
1748
1944
|
:server_id,
|
1749
1945
|
:user_name)
|
1946
|
+
SENSITIVE = []
|
1750
1947
|
include Aws::Structure
|
1751
1948
|
end
|
1752
1949
|
|