aws-sdk-transfer 1.20.0 → 1.21.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-transfer.rb +1 -1
- data/lib/aws-sdk-transfer/client.rb +162 -39
- data/lib/aws-sdk-transfer/client_api.rb +3 -1
- data/lib/aws-sdk-transfer/types.rb +271 -123
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 67a0c6b2bf618b9a8b340f195400c14b6e421127dd8685ee7378e717d3def22d
|
4
|
+
data.tar.gz: aa5b8280984fc5a26d203eee779be235dedbe519e10884a510fba4173bec12c6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: df790f8da05a6e03ad6820ef5820c3255766e0665796f621182aea1a544ff8f6fb43fb634331a3af4fb97048045db4aef8a36c4deae8b0a46c9cf36a830d4dd8
|
7
|
+
data.tar.gz: f85dde748a522956bfe04dc61debbc644e8e78d0e56549b901302e62ae60da1271e35a9b5687f27177838176167ca1e98471d770ecdd4b3eda6ffcf65cc10e45
|
data/lib/aws-sdk-transfer.rb
CHANGED
@@ -328,6 +328,41 @@ module Aws::Transfer
|
|
328
328
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
329
329
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
330
330
|
#
|
331
|
+
# To request a new public certificate, see [Request a public
|
332
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
333
|
+
#
|
334
|
+
# To import an existing certificate into ACM, see [Importing
|
335
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
336
|
+
# Guide</i>.
|
337
|
+
#
|
338
|
+
# To request a private certificate to use FTPS through private IP
|
339
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
340
|
+
# Certificate Manager User Guide</i>.
|
341
|
+
#
|
342
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
343
|
+
# are supported:
|
344
|
+
#
|
345
|
+
# * 2048-bit RSA (RSA\_2048)
|
346
|
+
#
|
347
|
+
# * 4096-bit RSA (RSA\_4096)
|
348
|
+
#
|
349
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
350
|
+
#
|
351
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
352
|
+
#
|
353
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
354
|
+
#
|
355
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
356
|
+
# with FQDN or IP address specified and information about the issuer.
|
357
|
+
#
|
358
|
+
# </note>
|
359
|
+
#
|
360
|
+
#
|
361
|
+
#
|
362
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
363
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
364
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
365
|
+
#
|
331
366
|
# @option params [Types::EndpointDetails] :endpoint_details
|
332
367
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
333
368
|
# for your file transfer protocol-enabled server. When you host your
|
@@ -339,24 +374,32 @@ module Aws::Transfer
|
|
339
374
|
# @option params [String] :endpoint_type
|
340
375
|
# The type of VPC endpoint that you want your file transfer
|
341
376
|
# protocol-enabled server to connect to. You can choose to connect to
|
342
|
-
# the public internet or a
|
343
|
-
#
|
344
|
-
#
|
377
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
378
|
+
# restrict access to your server and resources only within your VPC.
|
379
|
+
#
|
380
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
381
|
+
# endpoint type, you have the option to directly associate up to three
|
382
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
383
|
+
# and use VPC security groups to restrict traffic by the client's
|
384
|
+
# public IP address. This is not possible with `EndpointType` set to
|
385
|
+
# `VPC_ENDPOINT`.
|
386
|
+
#
|
387
|
+
# </note>
|
345
388
|
#
|
346
389
|
# @option params [String] :host_key
|
347
|
-
# The RSA private key as generated by the `ssh-keygen -N "" -f
|
390
|
+
# The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
|
348
391
|
# my-new-server-key` command.
|
349
392
|
#
|
350
393
|
# If you aren't planning to migrate existing users from an existing
|
351
394
|
# SFTP-enabled server to a new server, don't update the host key.
|
352
395
|
# Accidentally changing a server's host key can be disruptive.
|
353
396
|
#
|
354
|
-
# For more information, see [
|
355
|
-
#
|
397
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
398
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
356
399
|
#
|
357
400
|
#
|
358
401
|
#
|
359
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
402
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
360
403
|
#
|
361
404
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
362
405
|
# Required when `IdentityProviderType` is set to `API_GATEWAY`. Accepts
|
@@ -382,13 +425,29 @@ module Aws::Transfer
|
|
382
425
|
# transfer protocol client can connect to your server's endpoint. The
|
383
426
|
# available protocols are:
|
384
427
|
#
|
385
|
-
# * Secure Shell (SSH) File Transfer Protocol
|
386
|
-
# SSH
|
428
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
429
|
+
# over SSH
|
387
430
|
#
|
388
|
-
# * File Transfer Protocol Secure
|
431
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
389
432
|
# encryption
|
390
433
|
#
|
391
|
-
# * File Transfer Protocol
|
434
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
435
|
+
#
|
436
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
437
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
438
|
+
# when clients connect to it over FTPS.
|
439
|
+
#
|
440
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
441
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
442
|
+
#
|
443
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
444
|
+
# associated.
|
445
|
+
#
|
446
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
447
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
448
|
+
# `SERVICE_MANAGED`.
|
449
|
+
#
|
450
|
+
# </note>
|
392
451
|
#
|
393
452
|
# @option params [Array<Types::Tag>] :tags
|
394
453
|
# Key-value pairs that can be used to group and search for file transfer
|
@@ -451,7 +510,8 @@ module Aws::Transfer
|
|
451
510
|
# The landing directory (folder) for a user when they log in to the file
|
452
511
|
# transfer protocol-enabled server using the client.
|
453
512
|
#
|
454
|
-
# An example is
|
513
|
+
# An example is <i>
|
514
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
455
515
|
#
|
456
516
|
# @option params [String] :home_directory_type
|
457
517
|
# The type of landing directory (folder) you want your users' home
|
@@ -468,8 +528,8 @@ module Aws::Transfer
|
|
468
528
|
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
469
529
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
470
530
|
# Amazon S3 path. If you only specify a target, it will be displayed as
|
471
|
-
# is. You will need to also make sure that your
|
472
|
-
#
|
531
|
+
# is. You will need to also make sure that your IAM role provides access
|
532
|
+
# to paths in `Target`. The following is an example.
|
473
533
|
#
|
474
534
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
475
535
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
@@ -503,8 +563,8 @@ module Aws::Transfer
|
|
503
563
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
504
564
|
# argument.
|
505
565
|
#
|
506
|
-
# For an example of a scope-down policy, see [Creating a
|
507
|
-
#
|
566
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
567
|
+
# policy][1].
|
508
568
|
#
|
509
569
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
510
570
|
# Service API Reference*.
|
@@ -1110,12 +1170,6 @@ module Aws::Transfer
|
|
1110
1170
|
# protocol-enabled server. That server's user authentication method is
|
1111
1171
|
# tested with a user name and password.
|
1112
1172
|
#
|
1113
|
-
# @option params [required, String] :user_name
|
1114
|
-
# The name of the user account to be tested.
|
1115
|
-
#
|
1116
|
-
# @option params [String] :user_password
|
1117
|
-
# The password of the user account to be tested.
|
1118
|
-
#
|
1119
1173
|
# @option params [String] :server_protocol
|
1120
1174
|
# The type of file transfer protocol to be tested.
|
1121
1175
|
#
|
@@ -1127,6 +1181,15 @@ module Aws::Transfer
|
|
1127
1181
|
#
|
1128
1182
|
# * File Transfer Protocol (FTP)
|
1129
1183
|
#
|
1184
|
+
# @option params [String] :source_ip
|
1185
|
+
# The source IP address of the user account to be tested.
|
1186
|
+
#
|
1187
|
+
# @option params [required, String] :user_name
|
1188
|
+
# The name of the user account to be tested.
|
1189
|
+
#
|
1190
|
+
# @option params [String] :user_password
|
1191
|
+
# The password of the user account to be tested.
|
1192
|
+
#
|
1130
1193
|
# @return [Types::TestIdentityProviderResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1131
1194
|
#
|
1132
1195
|
# * {Types::TestIdentityProviderResponse#response #response} => String
|
@@ -1138,9 +1201,10 @@ module Aws::Transfer
|
|
1138
1201
|
#
|
1139
1202
|
# resp = client.test_identity_provider({
|
1140
1203
|
# server_id: "ServerId", # required
|
1204
|
+
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1205
|
+
# source_ip: "SourceIp",
|
1141
1206
|
# user_name: "UserName", # required
|
1142
1207
|
# user_password: "UserPassword",
|
1143
|
-
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1144
1208
|
# })
|
1145
1209
|
#
|
1146
1210
|
# @example Response structure
|
@@ -1203,6 +1267,41 @@ module Aws::Transfer
|
|
1203
1267
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
1204
1268
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
1205
1269
|
#
|
1270
|
+
# To request a new public certificate, see [Request a public
|
1271
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
1272
|
+
#
|
1273
|
+
# To import an existing certificate into ACM, see [Importing
|
1274
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
1275
|
+
# Guide</i>.
|
1276
|
+
#
|
1277
|
+
# To request a private certificate to use FTPS through private IP
|
1278
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
1279
|
+
# Certificate Manager User Guide</i>.
|
1280
|
+
#
|
1281
|
+
# Certificates with the following cryptographic algorithms and key sizes
|
1282
|
+
# are supported:
|
1283
|
+
#
|
1284
|
+
# * 2048-bit RSA (RSA\_2048)
|
1285
|
+
#
|
1286
|
+
# * 4096-bit RSA (RSA\_4096)
|
1287
|
+
#
|
1288
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
1289
|
+
#
|
1290
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
1291
|
+
#
|
1292
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
1293
|
+
#
|
1294
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
1295
|
+
# with FQDN or IP address specified and information about the issuer.
|
1296
|
+
#
|
1297
|
+
# </note>
|
1298
|
+
#
|
1299
|
+
#
|
1300
|
+
#
|
1301
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
1302
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1303
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1304
|
+
#
|
1206
1305
|
# @option params [Types::EndpointDetails] :endpoint_details
|
1207
1306
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
1208
1307
|
# for your file transfer protocol-enabled server. With a VPC endpoint,
|
@@ -1213,11 +1312,20 @@ module Aws::Transfer
|
|
1213
1312
|
# @option params [String] :endpoint_type
|
1214
1313
|
# The type of endpoint that you want your file transfer protocol-enabled
|
1215
1314
|
# server to connect to. You can choose to connect to the public internet
|
1216
|
-
# or a VPC endpoint. With a VPC endpoint,
|
1217
|
-
#
|
1315
|
+
# or a VPC endpoint. With a VPC endpoint, you can restrict access to
|
1316
|
+
# your server and resources only within your VPC.
|
1317
|
+
#
|
1318
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
|
1319
|
+
# endpoint type, you have the option to directly associate up to three
|
1320
|
+
# Elastic IPv4 addresses (BYO IP included) with your server's endpoint
|
1321
|
+
# and use VPC security groups to restrict traffic by the client's
|
1322
|
+
# public IP address. This is not possible with `EndpointType` set to
|
1323
|
+
# `VPC_ENDPOINT`.
|
1324
|
+
#
|
1325
|
+
# </note>
|
1218
1326
|
#
|
1219
1327
|
# @option params [String] :host_key
|
1220
|
-
# The RSA private key as generated by `ssh-keygen -N "" -f
|
1328
|
+
# The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
|
1221
1329
|
# my-new-server-key`.
|
1222
1330
|
#
|
1223
1331
|
# If you aren't planning to migrate existing users from an existing
|
@@ -1225,12 +1333,12 @@ module Aws::Transfer
|
|
1225
1333
|
# the host key. Accidentally changing a server's host key can be
|
1226
1334
|
# disruptive.
|
1227
1335
|
#
|
1228
|
-
# For more information, see [
|
1229
|
-
#
|
1336
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
1337
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
1230
1338
|
#
|
1231
1339
|
#
|
1232
1340
|
#
|
1233
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
1341
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
1234
1342
|
#
|
1235
1343
|
# @option params [Types::IdentityProviderDetails] :identity_provider_details
|
1236
1344
|
# An array containing all of the information required to call a
|
@@ -1254,6 +1362,22 @@ module Aws::Transfer
|
|
1254
1362
|
#
|
1255
1363
|
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
1256
1364
|
#
|
1365
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
1366
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
1367
|
+
# when clients connect to it over FTPS.
|
1368
|
+
#
|
1369
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
1370
|
+
# must be `VPC` and the `IdentityProviderType` must be `API_GATEWAY`.
|
1371
|
+
#
|
1372
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
1373
|
+
# associated.
|
1374
|
+
#
|
1375
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
|
1376
|
+
# `PUBLIC` and the `IdentityProviderType` can be set to
|
1377
|
+
# `SERVICE_MANAGED`.
|
1378
|
+
#
|
1379
|
+
# </note>
|
1380
|
+
#
|
1257
1381
|
# @option params [required, String] :server_id
|
1258
1382
|
# A system-assigned unique identifier for a file transfer
|
1259
1383
|
# protocol-enabled server instance that the user account is assigned to.
|
@@ -1325,8 +1449,8 @@ module Aws::Transfer
|
|
1325
1449
|
# You will need to specify the "`Entry`" and "`Target`" pair, where
|
1326
1450
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
1327
1451
|
# Amazon S3 path. If you only specify a target, it will be displayed as
|
1328
|
-
# is. You will need to also make sure that your
|
1329
|
-
#
|
1452
|
+
# is. You will need to also make sure that your IAM role provides access
|
1453
|
+
# to paths in `Target`. The following is an example.
|
1330
1454
|
#
|
1331
1455
|
# `'[ "/bucket2/documentation", \{ "Entry": "your-personal-report.pdf",
|
1332
1456
|
# "Target": "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \}
|
@@ -1350,19 +1474,18 @@ module Aws::Transfer
|
|
1350
1474
|
#
|
1351
1475
|
# @option params [String] :policy
|
1352
1476
|
# Allows you to supply a scope-down policy for your user so you can use
|
1353
|
-
# the same
|
1354
|
-
#
|
1355
|
-
#
|
1356
|
-
# `$\{Transfer:
|
1357
|
-
# `$\{Transfer:HomeBucket\}`.
|
1477
|
+
# the same IAM role across multiple users. The policy scopes down user
|
1478
|
+
# access to portions of your Amazon S3 bucket. Variables you can use
|
1479
|
+
# inside this policy include `$\{Transfer:UserName\}`,
|
1480
|
+
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
1358
1481
|
#
|
1359
1482
|
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
1360
1483
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
1361
1484
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
1362
1485
|
# argument.
|
1363
1486
|
#
|
1364
|
-
# For an example of a scope-down policy, see [Creating a
|
1365
|
-
#
|
1487
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
1488
|
+
# policy][1].
|
1366
1489
|
#
|
1367
1490
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
1368
1491
|
# Service API Reference*.
|
@@ -1444,7 +1567,7 @@ module Aws::Transfer
|
|
1444
1567
|
params: params,
|
1445
1568
|
config: config)
|
1446
1569
|
context[:gem_name] = 'aws-sdk-transfer'
|
1447
|
-
context[:gem_version] = '1.
|
1570
|
+
context[:gem_version] = '1.21.0'
|
1448
1571
|
Seahorse::Client::Request.new(handlers, context)
|
1449
1572
|
end
|
1450
1573
|
|
@@ -75,6 +75,7 @@ module Aws::Transfer
|
|
75
75
|
ServerId = Shapes::StringShape.new(name: 'ServerId')
|
76
76
|
ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
|
77
77
|
ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
|
78
|
+
SourceIp = Shapes::StringShape.new(name: 'SourceIp')
|
78
79
|
SshPublicKey = Shapes::StructureShape.new(name: 'SshPublicKey')
|
79
80
|
SshPublicKeyBody = Shapes::StringShape.new(name: 'SshPublicKeyBody')
|
80
81
|
SshPublicKeyCount = Shapes::IntegerShape.new(name: 'SshPublicKeyCount')
|
@@ -323,9 +324,10 @@ module Aws::Transfer
|
|
323
324
|
Tags.member = Shapes::ShapeRef.new(shape: Tag)
|
324
325
|
|
325
326
|
TestIdentityProviderRequest.add_member(:server_id, Shapes::ShapeRef.new(shape: ServerId, required: true, location_name: "ServerId"))
|
327
|
+
TestIdentityProviderRequest.add_member(:server_protocol, Shapes::ShapeRef.new(shape: Protocol, location_name: "ServerProtocol"))
|
328
|
+
TestIdentityProviderRequest.add_member(:source_ip, Shapes::ShapeRef.new(shape: SourceIp, location_name: "SourceIp"))
|
326
329
|
TestIdentityProviderRequest.add_member(:user_name, Shapes::ShapeRef.new(shape: UserName, required: true, location_name: "UserName"))
|
327
330
|
TestIdentityProviderRequest.add_member(:user_password, Shapes::ShapeRef.new(shape: UserPassword, location_name: "UserPassword"))
|
328
|
-
TestIdentityProviderRequest.add_member(:server_protocol, Shapes::ShapeRef.new(shape: Protocol, location_name: "ServerProtocol"))
|
329
331
|
TestIdentityProviderRequest.struct_class = Types::TestIdentityProviderRequest
|
330
332
|
|
331
333
|
TestIdentityProviderResponse.add_member(:response, Shapes::ShapeRef.new(shape: Response, location_name: "Response"))
|
@@ -65,6 +65,41 @@ module Aws::Transfer
|
|
65
65
|
# @!attribute [rw] certificate
|
66
66
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
67
67
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
68
|
+
#
|
69
|
+
# To request a new public certificate, see [Request a public
|
70
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
71
|
+
#
|
72
|
+
# To import an existing certificate into ACM, see [Importing
|
73
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
74
|
+
# Guide</i>.
|
75
|
+
#
|
76
|
+
# To request a private certificate to use FTPS through private IP
|
77
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
78
|
+
# Certificate Manager User Guide</i>.
|
79
|
+
#
|
80
|
+
# Certificates with the following cryptographic algorithms and key
|
81
|
+
# sizes are supported:
|
82
|
+
#
|
83
|
+
# * 2048-bit RSA (RSA\_2048)
|
84
|
+
#
|
85
|
+
# * 4096-bit RSA (RSA\_4096)
|
86
|
+
#
|
87
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
88
|
+
#
|
89
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
90
|
+
#
|
91
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
92
|
+
#
|
93
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
94
|
+
# with FQDN or IP address specified and information about the issuer.
|
95
|
+
#
|
96
|
+
# </note>
|
97
|
+
#
|
98
|
+
#
|
99
|
+
#
|
100
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
101
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
102
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
68
103
|
# @return [String]
|
69
104
|
#
|
70
105
|
# @!attribute [rw] endpoint_details
|
@@ -79,25 +114,33 @@ module Aws::Transfer
|
|
79
114
|
# @!attribute [rw] endpoint_type
|
80
115
|
# The type of VPC endpoint that you want your file transfer
|
81
116
|
# protocol-enabled server to connect to. You can choose to connect to
|
82
|
-
# the public internet or a
|
83
|
-
#
|
84
|
-
#
|
117
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
118
|
+
# restrict access to your server and resources only within your VPC.
|
119
|
+
#
|
120
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With
|
121
|
+
# this endpoint type, you have the option to directly associate up to
|
122
|
+
# three Elastic IPv4 addresses (BYO IP included) with your server's
|
123
|
+
# endpoint and use VPC security groups to restrict traffic by the
|
124
|
+
# client's public IP address. This is not possible with
|
125
|
+
# `EndpointType` set to `VPC_ENDPOINT`.
|
126
|
+
#
|
127
|
+
# </note>
|
85
128
|
# @return [String]
|
86
129
|
#
|
87
130
|
# @!attribute [rw] host_key
|
88
|
-
# The RSA private key as generated by the `ssh-keygen -N "" -f
|
131
|
+
# The RSA private key as generated by the `ssh-keygen -N "" -m PEM -f
|
89
132
|
# my-new-server-key` command.
|
90
133
|
#
|
91
134
|
# If you aren't planning to migrate existing users from an existing
|
92
135
|
# SFTP-enabled server to a new server, don't update the host key.
|
93
136
|
# Accidentally changing a server's host key can be disruptive.
|
94
137
|
#
|
95
|
-
# For more information, see [
|
96
|
-
#
|
138
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
139
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
97
140
|
#
|
98
141
|
#
|
99
142
|
#
|
100
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
143
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
101
144
|
# @return [String]
|
102
145
|
#
|
103
146
|
# @!attribute [rw] identity_provider_details
|
@@ -128,13 +171,30 @@ module Aws::Transfer
|
|
128
171
|
# file transfer protocol client can connect to your server's
|
129
172
|
# endpoint. The available protocols are:
|
130
173
|
#
|
131
|
-
# * Secure Shell (SSH) File Transfer Protocol
|
174
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
132
175
|
# over SSH
|
133
176
|
#
|
134
|
-
# * File Transfer Protocol Secure
|
177
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
135
178
|
# encryption
|
136
179
|
#
|
137
|
-
# * File Transfer Protocol
|
180
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
181
|
+
#
|
182
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
183
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
184
|
+
# when clients connect to it over FTPS.
|
185
|
+
#
|
186
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the
|
187
|
+
# `EndpointType` must be `VPC` and the `IdentityProviderType` must be
|
188
|
+
# `API_GATEWAY`.
|
189
|
+
#
|
190
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
191
|
+
# associated.
|
192
|
+
#
|
193
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
|
194
|
+
# to `PUBLIC` and the `IdentityProviderType` can be set to
|
195
|
+
# `SERVICE_MANAGED`.
|
196
|
+
#
|
197
|
+
# </note>
|
138
198
|
# @return [Array<String>]
|
139
199
|
#
|
140
200
|
# @!attribute [rw] tags
|
@@ -198,7 +258,8 @@ module Aws::Transfer
|
|
198
258
|
# The landing directory (folder) for a user when they log in to the
|
199
259
|
# file transfer protocol-enabled server using the client.
|
200
260
|
#
|
201
|
-
# An example is
|
261
|
+
# An example is <i>
|
262
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
202
263
|
# @return [String]
|
203
264
|
#
|
204
265
|
# @!attribute [rw] home_directory_type
|
@@ -217,8 +278,8 @@ module Aws::Transfer
|
|
217
278
|
# visible. You will need to specify the "`Entry`" and "`Target`"
|
218
279
|
# pair, where `Entry` shows how the path is made visible and `Target`
|
219
280
|
# is the actual Amazon S3 path. If you only specify a target, it will
|
220
|
-
# be displayed as is. You will need to also make sure that your
|
221
|
-
#
|
281
|
+
# be displayed as is. You will need to also make sure that your IAM
|
282
|
+
# role provides access to paths in `Target`. The following is an
|
222
283
|
# example.
|
223
284
|
#
|
224
285
|
# `'[ "/bucket2/documentation", \{ "Entry":
|
@@ -254,8 +315,8 @@ module Aws::Transfer
|
|
254
315
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
255
316
|
# argument.
|
256
317
|
#
|
257
|
-
# For an example of a scope-down policy, see [Creating a
|
258
|
-
#
|
318
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
319
|
+
# policy][1].
|
259
320
|
#
|
260
321
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
261
322
|
# Service API Reference*.
|
@@ -491,9 +552,11 @@ module Aws::Transfer
|
|
491
552
|
|
492
553
|
# Describes the properties of a file transfer protocol-enabled server
|
493
554
|
# that was specified. Information returned includes the following: the
|
494
|
-
# server Amazon Resource Name (ARN), the
|
495
|
-
#
|
496
|
-
#
|
555
|
+
# server Amazon Resource Name (ARN), the certificate ARN (if the FTPS
|
556
|
+
# protocol was selected), the endpoint type and details, the
|
557
|
+
# authentication configuration and type, the logging role, the file
|
558
|
+
# transfer protocol or protocols, the server ID and state, and assigned
|
559
|
+
# tags or metadata.
|
497
560
|
#
|
498
561
|
# @!attribute [rw] arn
|
499
562
|
# Specifies the unique Amazon Resource Name (ARN) for a file transfer
|
@@ -501,25 +564,26 @@ module Aws::Transfer
|
|
501
564
|
# @return [String]
|
502
565
|
#
|
503
566
|
# @!attribute [rw] certificate
|
504
|
-
#
|
505
|
-
#
|
567
|
+
# Specifies the ARN of the AWS Certificate Manager (ACM) certificate.
|
568
|
+
# Required when `Protocols` is set to `FTPS`.
|
506
569
|
# @return [String]
|
507
570
|
#
|
508
571
|
# @!attribute [rw] endpoint_details
|
509
|
-
#
|
572
|
+
# Specifies the virtual private cloud (VPC) endpoint settings that you
|
510
573
|
# configured for your file transfer protocol-enabled server.
|
511
574
|
# @return [Types::EndpointDetails]
|
512
575
|
#
|
513
576
|
# @!attribute [rw] endpoint_type
|
514
|
-
#
|
515
|
-
# is connected to. If your server is connected
|
516
|
-
# server isn't accessible over the public
|
577
|
+
# Defines the type of endpoint that your file transfer
|
578
|
+
# protocol-enabled server is connected to. If your server is connected
|
579
|
+
# to a VPC endpoint, your server isn't accessible over the public
|
580
|
+
# internet.
|
517
581
|
# @return [String]
|
518
582
|
#
|
519
583
|
# @!attribute [rw] host_key_fingerprint
|
520
|
-
#
|
521
|
-
#
|
522
|
-
#
|
584
|
+
# Specifies the Base64-encoded SHA256 fingerprint of the server's
|
585
|
+
# host key. This value is equivalent to the output of the `ssh-keygen
|
586
|
+
# -l -f my-new-server-key` command.
|
523
587
|
# @return [String]
|
524
588
|
#
|
525
589
|
# @!attribute [rw] identity_provider_details
|
@@ -529,19 +593,19 @@ module Aws::Transfer
|
|
529
593
|
# @return [Types::IdentityProviderDetails]
|
530
594
|
#
|
531
595
|
# @!attribute [rw] identity_provider_type
|
532
|
-
#
|
533
|
-
# A value of `SERVICE_MANAGED` means that you are using this
|
534
|
-
# transfer protocol-enabled server to store and access user
|
596
|
+
# Specifies the mode of authentication method enabled for this
|
597
|
+
# service. A value of `SERVICE_MANAGED` means that you are using this
|
598
|
+
# file transfer protocol-enabled server to store and access user
|
535
599
|
# credentials within the service. A value of `API_GATEWAY` indicates
|
536
600
|
# that you have integrated an API Gateway endpoint that will be
|
537
601
|
# invoked for authenticating your user into the service.
|
538
602
|
# @return [String]
|
539
603
|
#
|
540
604
|
# @!attribute [rw] logging_role
|
541
|
-
#
|
542
|
-
# file transfer protocol-enabled server to turn on Amazon
|
543
|
-
# logging for Amazon S3 events. When set, user activity can
|
544
|
-
# in your CloudWatch logs.
|
605
|
+
# Specifies the AWS Identity and Access Management (IAM) role that
|
606
|
+
# allows a file transfer protocol-enabled server to turn on Amazon
|
607
|
+
# CloudWatch logging for Amazon S3 events. When set, user activity can
|
608
|
+
# be viewed in your CloudWatch logs.
|
545
609
|
# @return [String]
|
546
610
|
#
|
547
611
|
# @!attribute [rw] protocols
|
@@ -549,25 +613,25 @@ module Aws::Transfer
|
|
549
613
|
# file transfer protocol client can connect to your server's
|
550
614
|
# endpoint. The available protocols are:
|
551
615
|
#
|
552
|
-
# * Secure Shell (SSH) File Transfer Protocol
|
616
|
+
# * `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer
|
553
617
|
# over SSH
|
554
618
|
#
|
555
|
-
# * File Transfer Protocol Secure
|
619
|
+
# * `FTPS` (File Transfer Protocol Secure): File transfer with TLS
|
556
620
|
# encryption
|
557
621
|
#
|
558
|
-
# * File Transfer Protocol
|
622
|
+
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
559
623
|
# @return [Array<String>]
|
560
624
|
#
|
561
625
|
# @!attribute [rw] server_id
|
562
|
-
#
|
626
|
+
# Specifies the unique system-assigned identifier for a file transfer
|
563
627
|
# protocol-enabled server that you instantiate.
|
564
628
|
# @return [String]
|
565
629
|
#
|
566
630
|
# @!attribute [rw] state
|
567
|
-
#
|
568
|
-
# server that was described. A value of `ONLINE` indicates
|
569
|
-
# server can accept jobs and transfer files. A `State` value
|
570
|
-
# `OFFLINE` means that the server cannot perform file transfer
|
631
|
+
# Specifies the condition of a file transfer protocol-enabled server
|
632
|
+
# for the server that was described. A value of `ONLINE` indicates
|
633
|
+
# that the server can accept jobs and transfer files. A `State` value
|
634
|
+
# of `OFFLINE` means that the server cannot perform file transfer
|
571
635
|
# operations.
|
572
636
|
#
|
573
637
|
# The states of `STARTING` and `STOPPING` indicate that the server is
|
@@ -577,13 +641,13 @@ module Aws::Transfer
|
|
577
641
|
# @return [String]
|
578
642
|
#
|
579
643
|
# @!attribute [rw] tags
|
580
|
-
#
|
644
|
+
# Specifies the key-value pairs that you can use to search for and
|
581
645
|
# group file transfer protocol-enabled servers that were assigned to
|
582
646
|
# the server that was described.
|
583
647
|
# @return [Array<Types::Tag>]
|
584
648
|
#
|
585
649
|
# @!attribute [rw] user_count
|
586
|
-
#
|
650
|
+
# Specifies the number of users that are assigned to a file transfer
|
587
651
|
# protocol-enabled server you specified with the `ServerId`.
|
588
652
|
# @return [Integer]
|
589
653
|
#
|
@@ -609,25 +673,26 @@ module Aws::Transfer
|
|
609
673
|
# Returns properties of the user that you want to describe.
|
610
674
|
#
|
611
675
|
# @!attribute [rw] arn
|
612
|
-
#
|
613
|
-
# requested to be described.
|
676
|
+
# Specifies the unique Amazon Resource Name (ARN) for the user that
|
677
|
+
# was requested to be described.
|
614
678
|
# @return [String]
|
615
679
|
#
|
616
680
|
# @!attribute [rw] home_directory
|
617
681
|
# Specifies the landing directory (or folder), which is the location
|
618
|
-
# that files are written to or read from in an Amazon S3 bucket for
|
619
|
-
# the described user. An example is
|
620
|
-
# name
|
682
|
+
# that files are written to or read from in an Amazon S3 bucket, for
|
683
|
+
# the described user. An example is <i>
|
684
|
+
# <code>your-Amazon-S3-bucket-name>/home/username</code> </i>.
|
621
685
|
# @return [String]
|
622
686
|
#
|
623
687
|
# @!attribute [rw] home_directory_mappings
|
624
|
-
#
|
688
|
+
# Specifies the logical directory mappings that specify what Amazon S3
|
625
689
|
# paths and keys should be visible to your user and how you want to
|
626
690
|
# make them visible. You will need to specify the "`Entry`" and
|
627
691
|
# "`Target`" pair, where `Entry` shows how the path is made visible
|
628
692
|
# and `Target` is the actual Amazon S3 path. If you only specify a
|
629
693
|
# target, it will be displayed as is. You will need to also make sure
|
630
|
-
# that your AWS
|
694
|
+
# that your AWS Identity and Access Management (IAM) role provides
|
695
|
+
# access to paths in `Target`.
|
631
696
|
#
|
632
697
|
# In most cases, you can use this value instead of the scope-down
|
633
698
|
# policy to lock your user down to the designated home directory
|
@@ -636,13 +701,13 @@ module Aws::Transfer
|
|
636
701
|
# @return [Array<Types::HomeDirectoryMapEntry>]
|
637
702
|
#
|
638
703
|
# @!attribute [rw] home_directory_type
|
639
|
-
#
|
640
|
-
# see when they log into the file transfer protocol-enabled
|
641
|
-
# you set it to `PATH`, the user will see the absolute
|
642
|
-
# bucket paths as is in their file transfer protocol
|
643
|
-
# set it `LOGICAL`, you will need to provide mappings
|
644
|
-
# `HomeDirectoryMappings` for how you want to make Amazon S3
|
645
|
-
# visible to your users.
|
704
|
+
# Specifies the type of landing directory (folder) you mapped for your
|
705
|
+
# users to see when they log into the file transfer protocol-enabled
|
706
|
+
# server. If you set it to `PATH`, the user will see the absolute
|
707
|
+
# Amazon S3 bucket paths as is in their file transfer protocol
|
708
|
+
# clients. If you set it `LOGICAL`, you will need to provide mappings
|
709
|
+
# in the `HomeDirectoryMappings` for how you want to make Amazon S3
|
710
|
+
# paths visible to your users.
|
646
711
|
# @return [String]
|
647
712
|
#
|
648
713
|
# @!attribute [rw] policy
|
@@ -660,20 +725,20 @@ module Aws::Transfer
|
|
660
725
|
# @return [String]
|
661
726
|
#
|
662
727
|
# @!attribute [rw] ssh_public_keys
|
663
|
-
#
|
728
|
+
# Specifies the public key portion of the Secure Shell (SSH) keys
|
664
729
|
# stored for the described user.
|
665
730
|
# @return [Array<Types::SshPublicKey>]
|
666
731
|
#
|
667
732
|
# @!attribute [rw] tags
|
668
|
-
#
|
669
|
-
# to search for and group users for a variety of purposes.
|
733
|
+
# Specifies the key-value pairs for the user requested. Tag can be
|
734
|
+
# used to search for and group users for a variety of purposes.
|
670
735
|
# @return [Array<Types::Tag>]
|
671
736
|
#
|
672
737
|
# @!attribute [rw] user_name
|
673
|
-
#
|
674
|
-
# are used for authentication purposes. This is the string
|
675
|
-
# be used by your user when they log in to your file
|
676
|
-
# protocol-enabled server.
|
738
|
+
# Specifies the name of the user that was requested to be described.
|
739
|
+
# User names are used for authentication purposes. This is the string
|
740
|
+
# that will be used by your user when they log in to your file
|
741
|
+
# transfer protocol-enabled server.
|
677
742
|
# @return [String]
|
678
743
|
#
|
679
744
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedUser AWS API Documentation
|
@@ -720,15 +785,28 @@ module Aws::Transfer
|
|
720
785
|
# @!attribute [rw] subnet_ids
|
721
786
|
# A list of subnet IDs that are required to host your file transfer
|
722
787
|
# protocol-enabled server endpoint in your VPC.
|
788
|
+
#
|
789
|
+
# <note markdown="1"> This property can only be used when `EndpointType` is set to `VPC`.
|
790
|
+
#
|
791
|
+
# </note>
|
723
792
|
# @return [Array<String>]
|
724
793
|
#
|
725
794
|
# @!attribute [rw] vpc_endpoint_id
|
726
795
|
# The ID of the VPC endpoint.
|
796
|
+
#
|
797
|
+
# <note markdown="1"> This property can only be used when `EndpointType` is set to
|
798
|
+
# `VPC_ENDPOINT`.
|
799
|
+
#
|
800
|
+
# </note>
|
727
801
|
# @return [String]
|
728
802
|
#
|
729
803
|
# @!attribute [rw] vpc_id
|
730
804
|
# The VPC ID of the VPC in which a file transfer protocol-enabled
|
731
805
|
# server's endpoint will be hosted.
|
806
|
+
#
|
807
|
+
# <note markdown="1"> This property can only be used when `EndpointType` is set to `VPC`.
|
808
|
+
#
|
809
|
+
# </note>
|
732
810
|
# @return [String]
|
733
811
|
#
|
734
812
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/EndpointDetails AWS API Documentation
|
@@ -781,7 +859,7 @@ module Aws::Transfer
|
|
781
859
|
# }
|
782
860
|
#
|
783
861
|
# @!attribute [rw] url
|
784
|
-
#
|
862
|
+
# Provides the location of the service endpoint used to authenticate
|
785
863
|
# users.
|
786
864
|
# @return [String]
|
787
865
|
#
|
@@ -1068,37 +1146,38 @@ module Aws::Transfer
|
|
1068
1146
|
# specified.
|
1069
1147
|
#
|
1070
1148
|
# @!attribute [rw] arn
|
1071
|
-
#
|
1149
|
+
# Specifies the unique Amazon Resource Name (ARN) for a file transfer
|
1072
1150
|
# protocol-enabled server to be listed.
|
1073
1151
|
# @return [String]
|
1074
1152
|
#
|
1075
1153
|
# @!attribute [rw] identity_provider_type
|
1076
|
-
#
|
1077
|
-
# transfer protocol-enabled server that was specified. This can
|
1154
|
+
# Specifies the authentication method used to validate a user for a
|
1155
|
+
# file transfer protocol-enabled server that was specified. This can
|
1078
1156
|
# include Secure Shell (SSH), user name and password combinations, or
|
1079
1157
|
# your own custom authentication method. Valid values include
|
1080
1158
|
# `SERVICE_MANAGED` or `API_GATEWAY`.
|
1081
1159
|
# @return [String]
|
1082
1160
|
#
|
1083
1161
|
# @!attribute [rw] endpoint_type
|
1084
|
-
#
|
1085
|
-
# server is connected to. If your server is connected
|
1086
|
-
# endpoint, your server isn't accessible over the public
|
1162
|
+
# Specifies the type of VPC endpoint that your file transfer
|
1163
|
+
# protocol-enabled server is connected to. If your server is connected
|
1164
|
+
# to a VPC endpoint, your server isn't accessible over the public
|
1165
|
+
# internet.
|
1087
1166
|
# @return [String]
|
1088
1167
|
#
|
1089
1168
|
# @!attribute [rw] logging_role
|
1090
|
-
#
|
1091
|
-
# file transfer protocol-enabled server to turn on Amazon
|
1092
|
-
# logging.
|
1169
|
+
# Specifies the AWS Identity and Access Management (IAM) role that
|
1170
|
+
# allows a file transfer protocol-enabled server to turn on Amazon
|
1171
|
+
# CloudWatch logging.
|
1093
1172
|
# @return [String]
|
1094
1173
|
#
|
1095
1174
|
# @!attribute [rw] server_id
|
1096
|
-
#
|
1175
|
+
# Specifies the unique system assigned identifier for a file transfer
|
1097
1176
|
# protocol-enabled servers that were listed.
|
1098
1177
|
# @return [String]
|
1099
1178
|
#
|
1100
1179
|
# @!attribute [rw] state
|
1101
|
-
#
|
1180
|
+
# Specifies the condition of a file transfer protocol-enabled server
|
1102
1181
|
# for the server that was described. A value of `ONLINE` indicates
|
1103
1182
|
# that the server can accept jobs and transfer files. A `State` value
|
1104
1183
|
# of `OFFLINE` means that the server cannot perform file transfer
|
@@ -1111,9 +1190,8 @@ module Aws::Transfer
|
|
1111
1190
|
# @return [String]
|
1112
1191
|
#
|
1113
1192
|
# @!attribute [rw] user_count
|
1114
|
-
#
|
1115
|
-
#
|
1116
|
-
# `ServerId`.
|
1193
|
+
# Specifies the number of users that are assigned to a file transfer
|
1194
|
+
# protocol-enabled server you specified with the `ServerId`.
|
1117
1195
|
# @return [Integer]
|
1118
1196
|
#
|
1119
1197
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedServer AWS API Documentation
|
@@ -1132,8 +1210,8 @@ module Aws::Transfer
|
|
1132
1210
|
# Returns properties of the user that you specify.
|
1133
1211
|
#
|
1134
1212
|
# @!attribute [rw] arn
|
1135
|
-
#
|
1136
|
-
# learn about.
|
1213
|
+
# Provides the unique Amazon Resource Name (ARN) for the user that you
|
1214
|
+
# want to learn about.
|
1137
1215
|
# @return [String]
|
1138
1216
|
#
|
1139
1217
|
# @!attribute [rw] home_directory
|
@@ -1142,29 +1220,31 @@ module Aws::Transfer
|
|
1142
1220
|
# @return [String]
|
1143
1221
|
#
|
1144
1222
|
# @!attribute [rw] home_directory_type
|
1145
|
-
#
|
1146
|
-
# home directory. If you set it to `PATH`, the user will see
|
1147
|
-
# absolute Amazon S3 bucket paths as is in their file transfer
|
1223
|
+
# Specifies the type of landing directory (folder) you mapped for your
|
1224
|
+
# users' home directory. If you set it to `PATH`, the user will see
|
1225
|
+
# the absolute Amazon S3 bucket paths as is in their file transfer
|
1148
1226
|
# protocol clients. If you set it `LOGICAL`, you will need to provide
|
1149
1227
|
# mappings in the `HomeDirectoryMappings` for how you want to make
|
1150
1228
|
# Amazon S3 paths visible to your users.
|
1151
1229
|
# @return [String]
|
1152
1230
|
#
|
1153
1231
|
# @!attribute [rw] role
|
1154
|
-
#
|
1155
|
-
# Management (IAM) entity that, in this case,
|
1156
|
-
# protocol-enabled server to act on a user's
|
1157
|
-
# server to inherit the trust relationship that
|
1158
|
-
# perform file operations to their Amazon S3
|
1232
|
+
# Specifies the role that is in use by this user. A *role* is an AWS
|
1233
|
+
# Identity and Access Management (IAM) entity that, in this case,
|
1234
|
+
# allows a file transfer protocol-enabled server to act on a user's
|
1235
|
+
# behalf. It allows the server to inherit the trust relationship that
|
1236
|
+
# enables that user to perform file operations to their Amazon S3
|
1237
|
+
# bucket.
|
1159
1238
|
# @return [String]
|
1160
1239
|
#
|
1161
1240
|
# @!attribute [rw] ssh_public_key_count
|
1162
|
-
#
|
1241
|
+
# Specifies the number of SSH public keys stored for the user you
|
1242
|
+
# specified.
|
1163
1243
|
# @return [Integer]
|
1164
1244
|
#
|
1165
1245
|
# @!attribute [rw] user_name
|
1166
|
-
#
|
1167
|
-
# for authentication purposes.
|
1246
|
+
# Specifies the name of the user whose ARN was specified. User names
|
1247
|
+
# are used for authentication purposes.
|
1168
1248
|
# @return [String]
|
1169
1249
|
#
|
1170
1250
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedUser AWS API Documentation
|
@@ -1241,16 +1321,18 @@ module Aws::Transfer
|
|
1241
1321
|
# public key associated with their user name on a specific server.
|
1242
1322
|
#
|
1243
1323
|
# @!attribute [rw] date_imported
|
1244
|
-
#
|
1324
|
+
# Specifies the date that the public key was added to the user
|
1325
|
+
# account.
|
1245
1326
|
# @return [Time]
|
1246
1327
|
#
|
1247
1328
|
# @!attribute [rw] ssh_public_key_body
|
1248
|
-
#
|
1329
|
+
# Specifies the content of the SSH public key as specified by the
|
1330
|
+
# `PublicKeyId`.
|
1249
1331
|
# @return [String]
|
1250
1332
|
#
|
1251
1333
|
# @!attribute [rw] ssh_public_key_id
|
1252
|
-
#
|
1253
|
-
# key.
|
1334
|
+
# Specifies the `SshPublicKeyId` parameter contains the identifier of
|
1335
|
+
# the public key.
|
1254
1336
|
# @return [String]
|
1255
1337
|
#
|
1256
1338
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/SshPublicKey AWS API Documentation
|
@@ -1369,9 +1451,10 @@ module Aws::Transfer
|
|
1369
1451
|
#
|
1370
1452
|
# {
|
1371
1453
|
# server_id: "ServerId", # required
|
1454
|
+
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1455
|
+
# source_ip: "SourceIp",
|
1372
1456
|
# user_name: "UserName", # required
|
1373
1457
|
# user_password: "UserPassword",
|
1374
|
-
# server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
|
1375
1458
|
# }
|
1376
1459
|
#
|
1377
1460
|
# @!attribute [rw] server_id
|
@@ -1380,14 +1463,6 @@ module Aws::Transfer
|
|
1380
1463
|
# is tested with a user name and password.
|
1381
1464
|
# @return [String]
|
1382
1465
|
#
|
1383
|
-
# @!attribute [rw] user_name
|
1384
|
-
# The name of the user account to be tested.
|
1385
|
-
# @return [String]
|
1386
|
-
#
|
1387
|
-
# @!attribute [rw] user_password
|
1388
|
-
# The password of the user account to be tested.
|
1389
|
-
# @return [String]
|
1390
|
-
#
|
1391
1466
|
# @!attribute [rw] server_protocol
|
1392
1467
|
# The type of file transfer protocol to be tested.
|
1393
1468
|
#
|
@@ -1400,13 +1475,26 @@ module Aws::Transfer
|
|
1400
1475
|
# * File Transfer Protocol (FTP)
|
1401
1476
|
# @return [String]
|
1402
1477
|
#
|
1478
|
+
# @!attribute [rw] source_ip
|
1479
|
+
# The source IP address of the user account to be tested.
|
1480
|
+
# @return [String]
|
1481
|
+
#
|
1482
|
+
# @!attribute [rw] user_name
|
1483
|
+
# The name of the user account to be tested.
|
1484
|
+
# @return [String]
|
1485
|
+
#
|
1486
|
+
# @!attribute [rw] user_password
|
1487
|
+
# The password of the user account to be tested.
|
1488
|
+
# @return [String]
|
1489
|
+
#
|
1403
1490
|
# @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/TestIdentityProviderRequest AWS API Documentation
|
1404
1491
|
#
|
1405
1492
|
class TestIdentityProviderRequest < Struct.new(
|
1406
1493
|
:server_id,
|
1494
|
+
:server_protocol,
|
1495
|
+
:source_ip,
|
1407
1496
|
:user_name,
|
1408
|
-
:user_password
|
1409
|
-
:server_protocol)
|
1497
|
+
:user_password)
|
1410
1498
|
include Aws::Structure
|
1411
1499
|
end
|
1412
1500
|
|
@@ -1503,6 +1591,41 @@ module Aws::Transfer
|
|
1503
1591
|
# @!attribute [rw] certificate
|
1504
1592
|
# The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM)
|
1505
1593
|
# certificate. Required when `Protocols` is set to `FTPS`.
|
1594
|
+
#
|
1595
|
+
# To request a new public certificate, see [Request a public
|
1596
|
+
# certificate][1] in the <i> AWS Certificate Manager User Guide</i>.
|
1597
|
+
#
|
1598
|
+
# To import an existing certificate into ACM, see [Importing
|
1599
|
+
# certificates into ACM][2] in the <i> AWS Certificate Manager User
|
1600
|
+
# Guide</i>.
|
1601
|
+
#
|
1602
|
+
# To request a private certificate to use FTPS through private IP
|
1603
|
+
# addresses, see [Request a private certificate][3] in the <i> AWS
|
1604
|
+
# Certificate Manager User Guide</i>.
|
1605
|
+
#
|
1606
|
+
# Certificates with the following cryptographic algorithms and key
|
1607
|
+
# sizes are supported:
|
1608
|
+
#
|
1609
|
+
# * 2048-bit RSA (RSA\_2048)
|
1610
|
+
#
|
1611
|
+
# * 4096-bit RSA (RSA\_4096)
|
1612
|
+
#
|
1613
|
+
# * Elliptic Prime Curve 256 bit (EC\_prime256v1)
|
1614
|
+
#
|
1615
|
+
# * Elliptic Prime Curve 384 bit (EC\_secp384r1)
|
1616
|
+
#
|
1617
|
+
# * Elliptic Prime Curve 521 bit (EC\_secp521r1)
|
1618
|
+
#
|
1619
|
+
# <note markdown="1"> The certificate must be a valid SSL/TLS X.509 version 3 certificate
|
1620
|
+
# with FQDN or IP address specified and information about the issuer.
|
1621
|
+
#
|
1622
|
+
# </note>
|
1623
|
+
#
|
1624
|
+
#
|
1625
|
+
#
|
1626
|
+
# [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
|
1627
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1628
|
+
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1506
1629
|
# @return [String]
|
1507
1630
|
#
|
1508
1631
|
# @!attribute [rw] endpoint_details
|
@@ -1517,12 +1640,21 @@ module Aws::Transfer
|
|
1517
1640
|
# @!attribute [rw] endpoint_type
|
1518
1641
|
# The type of endpoint that you want your file transfer
|
1519
1642
|
# protocol-enabled server to connect to. You can choose to connect to
|
1520
|
-
# the public internet or a VPC endpoint. With a VPC endpoint,
|
1521
|
-
# server
|
1643
|
+
# the public internet or a VPC endpoint. With a VPC endpoint, you can
|
1644
|
+
# restrict access to your server and resources only within your VPC.
|
1645
|
+
#
|
1646
|
+
# <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With
|
1647
|
+
# this endpoint type, you have the option to directly associate up to
|
1648
|
+
# three Elastic IPv4 addresses (BYO IP included) with your server's
|
1649
|
+
# endpoint and use VPC security groups to restrict traffic by the
|
1650
|
+
# client's public IP address. This is not possible with
|
1651
|
+
# `EndpointType` set to `VPC_ENDPOINT`.
|
1652
|
+
#
|
1653
|
+
# </note>
|
1522
1654
|
# @return [String]
|
1523
1655
|
#
|
1524
1656
|
# @!attribute [rw] host_key
|
1525
|
-
# The RSA private key as generated by `ssh-keygen -N "" -f
|
1657
|
+
# The RSA private key as generated by `ssh-keygen -N "" -m PEM -f
|
1526
1658
|
# my-new-server-key`.
|
1527
1659
|
#
|
1528
1660
|
# If you aren't planning to migrate existing users from an existing
|
@@ -1530,12 +1662,12 @@ module Aws::Transfer
|
|
1530
1662
|
# the host key. Accidentally changing a server's host key can be
|
1531
1663
|
# disruptive.
|
1532
1664
|
#
|
1533
|
-
# For more information, see [
|
1534
|
-
#
|
1665
|
+
# For more information, see [Change the host key for your SFTP-enabled
|
1666
|
+
# server][1] in the *AWS Transfer Family User Guide*.
|
1535
1667
|
#
|
1536
1668
|
#
|
1537
1669
|
#
|
1538
|
-
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/
|
1670
|
+
# [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
|
1539
1671
|
# @return [String]
|
1540
1672
|
#
|
1541
1673
|
# @!attribute [rw] identity_provider_details
|
@@ -1561,6 +1693,23 @@ module Aws::Transfer
|
|
1561
1693
|
# encryption
|
1562
1694
|
#
|
1563
1695
|
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
1696
|
+
#
|
1697
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in AWS
|
1698
|
+
# Certificate Manager (ACM) which will be used to identify your server
|
1699
|
+
# when clients connect to it over FTPS.
|
1700
|
+
#
|
1701
|
+
# If `Protocol` includes either `FTP` or `FTPS`, then the
|
1702
|
+
# `EndpointType` must be `VPC` and the `IdentityProviderType` must be
|
1703
|
+
# `API_GATEWAY`.
|
1704
|
+
#
|
1705
|
+
# If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
|
1706
|
+
# associated.
|
1707
|
+
#
|
1708
|
+
# If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
|
1709
|
+
# to `PUBLIC` and the `IdentityProviderType` can be set to
|
1710
|
+
# `SERVICE_MANAGED`.
|
1711
|
+
#
|
1712
|
+
# </note>
|
1564
1713
|
# @return [Array<String>]
|
1565
1714
|
#
|
1566
1715
|
# @!attribute [rw] server_id
|
@@ -1637,8 +1786,8 @@ module Aws::Transfer
|
|
1637
1786
|
# visible. You will need to specify the "`Entry`" and "`Target`"
|
1638
1787
|
# pair, where `Entry` shows how the path is made visible and `Target`
|
1639
1788
|
# is the actual Amazon S3 path. If you only specify a target, it will
|
1640
|
-
# be displayed as is. You will need to also make sure that your
|
1641
|
-
#
|
1789
|
+
# be displayed as is. You will need to also make sure that your IAM
|
1790
|
+
# role provides access to paths in `Target`. The following is an
|
1642
1791
|
# example.
|
1643
1792
|
#
|
1644
1793
|
# `'[ "/bucket2/documentation", \{ "Entry":
|
@@ -1664,19 +1813,18 @@ module Aws::Transfer
|
|
1664
1813
|
#
|
1665
1814
|
# @!attribute [rw] policy
|
1666
1815
|
# Allows you to supply a scope-down policy for your user so you can
|
1667
|
-
# use the same
|
1668
|
-
#
|
1669
|
-
#
|
1670
|
-
#
|
1671
|
-
# `$\{Transfer:HomeBucket\}`.
|
1816
|
+
# use the same IAM role across multiple users. The policy scopes down
|
1817
|
+
# user access to portions of your Amazon S3 bucket. Variables you can
|
1818
|
+
# use inside this policy include `$\{Transfer:UserName\}`,
|
1819
|
+
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
1672
1820
|
#
|
1673
1821
|
# <note markdown="1"> For scope-down policies, AWS Transfer Family stores the policy as a
|
1674
1822
|
# JSON blob, instead of the Amazon Resource Name (ARN) of the policy.
|
1675
1823
|
# You save the policy as a JSON blob and pass it in the `Policy`
|
1676
1824
|
# argument.
|
1677
1825
|
#
|
1678
|
-
# For an example of a scope-down policy, see [Creating a
|
1679
|
-
#
|
1826
|
+
# For an example of a scope-down policy, see [Creating a scope-down
|
1827
|
+
# policy][1].
|
1680
1828
|
#
|
1681
1829
|
# For more information, see [AssumeRole][2] in the *AWS Security Token
|
1682
1830
|
# Service API Reference*.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-transfer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.21.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-06-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|