aws-sdk-transfer 1.23.0 → 1.28.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1501e1563bf7f9af211fa870cd288173b03ea5fb6a76ff76d91b75fc0edbad09
-  data.tar.gz: aedfc9f789f4ce46dfde7f0c107aba5720ae654d9d248fcd8cfa46ff2ee7c0dc
+  metadata.gz: 89e89b06f869efa7fad2c3e43d87843735ef3e5d36c3b1cb6b0c4cac683ccb1f
+  data.tar.gz: da5ff735f853c4435db6215cf5165cb0f306e7a26c55005dd1b7d789b6523e02
 SHA512:
-  metadata.gz: 8eec295cbaaca3cfb99daff5a8c36de76127f32e4f0af4bf6b039c28fd222986704f575d1b10b1064d29d4fadbc75fa27bb386fb11500730431e4282d3d2f6d6
-  data.tar.gz: f9790503c56f0d7cd4f9231baffb09fc35428ff6460f3e3b6d786c10518726fe2a9146eb0048484e179ca820efa1170707cdfb2045a0956b29cae7536511530b
+  metadata.gz: b2f43ad16252874ed6da0efd9ea7f6ea9efd3e7108dbd5fcec306190c177136a2641a2f2b8e6c4d7a3b6bf3dcb08e54f3aa638430e31a8ab39275ee576b1081b
+  data.tar.gz: 266e9d63ba36997527e94367d35fb6dd35b8c4c372be4e4871e6be801d02e26034709cbdadb65633b42a21bccd1e8bed637b3b5ac881e81f6600dc2540a364ce

data/lib/aws-sdk-transfer.rb

@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-core'
 require 'aws-sigv4'
 
@@ -44,9 +45,9 @@ require_relative 'aws-sdk-transfer/customizations'
 #
 # See {Errors} for more information.
 #
-# @service
+# @!group service
 module Aws::Transfer
 
-  GEM_VERSION = '1.23.0'
+  GEM_VERSION = '1.28.0'
 
 end

data/lib/aws-sdk-transfer/client.rb

@@ -85,13 +85,28 @@ module Aws::Transfer
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
     #       credentials.
     #
+    #     * `Aws::SharedCredentials` - Used for loading static credentials from a
+    #       shared file, such as `~/.aws/config`.
+    #
+    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #
+    #     * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
+    #       assume a role after providing credentials via the web.
+    #
+    #     * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     * `Aws::ProcessCredentials` - Used for loading credentials from a
+    #       process that outputs to stdout.
+    #
     #     * `Aws::InstanceProfileCredentials` - Used for loading credentials
     #       from an EC2 IMDS on an EC2 instance.
     #
-    #     * `Aws::SharedCredentials` - Used for loading credentials from a
-    #       shared file, such as `~/.aws/config`.
+    #     * `Aws::ECSCredentials` - Used for loading credentials from
+    #       instances running in ECS.
     #
-    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #     * `Aws::CognitoIdentityCredentials` - Used for loading credentials
+    #       from the Cognito Identity service.
     #
     #     When `:credentials` are not configured directly, the following
     #     locations will be searched for credentials:
@@ -101,10 +116,10 @@ module Aws::Transfer
     #     * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
     #     * `~/.aws/credentials`
     #     * `~/.aws/config`
-    #     * EC2 IMDS instance profile - When used by default, the timeouts are
-    #       very aggressive. Construct and pass an instance of
-    #       `Aws::InstanceProfileCredentails` to enable retries and extended
-    #       timeouts.
+    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
+    #       are very aggressive. Construct and pass an instance of
+    #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
+    #       enable retries and extended timeouts.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -369,17 +384,17 @@ module Aws::Transfer
     #
     # @option params [Types::EndpointDetails] :endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are configured
-    #   for your file transfer protocol-enabled server. When you host your
-    #   endpoint within your VPC, you can make it accessible only to resources
-    #   within your VPC, or you can attach Elastic IPs and make it accessible
-    #   to clients over the internet. Your VPC's default security groups are
-    #   automatically assigned to your endpoint.
+    #   for your server. When you host your endpoint within your VPC, you can
+    #   make it accessible only to resources within your VPC, or you can
+    #   attach Elastic IPs and make it accessible to clients over the
+    #   internet. Your VPC's default security groups are automatically
+    #   assigned to your endpoint.
     #
     # @option params [String] :endpoint_type
-    #   The type of VPC endpoint that you want your file transfer
-    #   protocol-enabled server to connect to. You can choose to connect to
-    #   the public internet or a VPC endpoint. With a VPC endpoint, you can
-    #   restrict access to your server and resources only within your VPC.
+    #   The type of VPC endpoint that you want your server to connect to. You
+    #   can choose to connect to the public internet or a VPC endpoint. With a
+    #   VPC endpoint, you can restrict access to your server and resources
+    #   only within your VPC.
     #
     #   <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
     #   endpoint type, you have the option to directly associate up to three
@@ -412,13 +427,13 @@ module Aws::Transfer
     #   Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`.
     #
     # @option params [String] :identity_provider_type
-    #   Specifies the mode of authentication for a file transfer
-    #   protocol-enabled server. The default value is `SERVICE_MANAGED`, which
-    #   allows you to store and access user credentials within the AWS
-    #   Transfer Family service. Use the `API_GATEWAY` value to integrate with
-    #   an identity provider of your choosing. The `API_GATEWAY` setting
-    #   requires you to provide an API Gateway endpoint URL to call for
-    #   authentication using the `IdentityProviderDetails` parameter.
+    #   Specifies the mode of authentication for a server. The default value
+    #   is `SERVICE_MANAGED`, which allows you to store and access user
+    #   credentials within the AWS Transfer Family service. Use the
+    #   `API_GATEWAY` value to integrate with an identity provider of your
+    #   choosing. The `API_GATEWAY` setting requires you to provide an API
+    #   Gateway endpoint URL to call for authentication using the
+    #   `IdentityProviderDetails` parameter.
     #
     # @option params [String] :logging_role
     #   Allows the service to write your users' activity to your Amazon
@@ -453,9 +468,12 @@ module Aws::Transfer
     #
     #    </note>
     #
+    # @option params [String] :security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #
     # @option params [Array<Types::Tag>] :tags
-    #   Key-value pairs that can be used to group and search for file transfer
-    #   protocol-enabled servers.
+    #   Key-value pairs that can be used to group and search for servers.
     #
     # @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -470,6 +488,7 @@ module Aws::Transfer
     #       subnet_ids: ["SubnetId"],
     #       vpc_endpoint_id: "VpcEndpointId",
     #       vpc_id: "VpcId",
+    #       security_group_ids: ["SecurityGroupId"],
     #     },
     #     endpoint_type: "PUBLIC", # accepts PUBLIC, VPC, VPC_ENDPOINT
     #     host_key: "HostKey",
@@ -480,6 +499,7 @@ module Aws::Transfer
     #     identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY
     #     logging_role: "Role",
     #     protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
+    #     security_policy_name: "SecurityPolicyName",
     #     tags: [
     #       {
     #         key: "TagKey", # required
@@ -511,20 +531,19 @@ module Aws::Transfer
     # can be used to group and search for users.
     #
     # @option params [String] :home_directory
-    #   The landing directory (folder) for a user when they log in to the file
-    #   transfer protocol-enabled server using the client.
+    #   The landing directory (folder) for a user when they log in to the
+    #   server using the client.
     #
     #   An example is <i>
     #   <code>your-Amazon-S3-bucket-name&gt;/home/username</code> </i>.
     #
     # @option params [String] :home_directory_type
     #   The type of landing directory (folder) you want your users' home
-    #   directory to be when they log into the file transfer protocol-enabled
-    #   server. If you set it to `PATH`, the user will see the absolute Amazon
-    #   S3 bucket paths as is in their file transfer protocol clients. If you
-    #   set it `LOGICAL`, you will need to provide mappings in the
-    #   `HomeDirectoryMappings` for how you want to make Amazon S3 paths
-    #   visible to your users.
+    #   directory to be when they log into the server. If you set it to
+    #   `PATH`, the user will see the absolute Amazon S3 bucket paths as is in
+    #   their file transfer protocol clients. If you set it `LOGICAL`, you
+    #   will need to provide mappings in the `HomeDirectoryMappings` for how
+    #   you want to make Amazon S3 paths visible to your users.
     #
     # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
     #   Logical directory mappings that specify what Amazon S3 paths and keys
@@ -546,7 +565,7 @@ module Aws::Transfer
     #
     #   <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
     #   S3, the entry will be ignored. As a workaround, you can use the Amazon
-    #   S3 api to create 0 byte objects as place holders for your directory.
+    #   S3 API to create 0 byte objects as place holders for your directory.
     #   If using the CLI, use the `s3api` call instead of `s3` so you can use
     #   the put-object operation. For example, you use the following: `aws
     #   s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
@@ -585,29 +604,28 @@ module Aws::Transfer
     #   bucket. The policies attached to this role will determine the level of
     #   access you want to provide your users when transferring files into and
     #   out of your Amazon S3 bucket or buckets. The IAM role should also
-    #   contain a trust relationship that allows the file transfer
-    #   protocol-enabled server to access your resources when servicing your
-    #   users' transfer requests.
+    #   contain a trust relationship that allows the server to access your
+    #   resources when servicing your users' transfer requests.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance. This is the specific server that you
-    #   added your user to.
+    #   A system-assigned unique identifier for a server instance. This is the
+    #   specific server that you added your user to.
     #
     # @option params [String] :ssh_public_key_body
     #   The public portion of the Secure Shell (SSH) key used to authenticate
-    #   the user to the file transfer protocol-enabled server.
+    #   the user to the server.
     #
     # @option params [Array<Types::Tag>] :tags
     #   Key-value pairs that can be used to group and search for users. Tags
     #   are metadata attached to users for any purpose.
     #
     # @option params [required, String] :user_name
-    #   A unique string that identifies a user and is associated with a file
-    #   transfer protocol-enabled server as specified by the `ServerId`. This
-    #   user name must be a minimum of 3 and a maximum of 32 characters long.
-    #   The following are valid characters: a-z, A-Z, 0-9, underscore, and
-    #   hyphen. The user name can't start with a hyphen.
+    #   A unique string that identifies a user and is associated with a as
+    #   specified by the `ServerId`. This user name must be a minimum of 3 and
+    #   a maximum of 100 characters long. The following are valid characters:
+    #   a-z, A-Z, 0-9, underscore '\_', hyphen '-', period '.', and at
+    #   sign '@'. The user name can't start with a hyphen, period, or at
+    #   sign.
     #
     # @return [Types::CreateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -657,8 +675,7 @@ module Aws::Transfer
     # No response returns from this operation.
     #
     # @option params [required, String] :server_id
-    #   A unique system-assigned identifier for a file transfer
-    #   protocol-enabled server instance.
+    #   A unique system-assigned identifier for a server instance.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -721,12 +738,12 @@ module Aws::Transfer
     #  </note>
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that has the user assigned to it.
+    #   A system-assigned unique identifier for a server instance that has the
+    #   user assigned to it.
     #
     # @option params [required, String] :user_name
     #   A unique string that identifies a user that is being deleted from a
-    #   file transfer protocol-enabled server.
+    #   server.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -746,6 +763,51 @@ module Aws::Transfer
       req.send_request(options)
     end
 
+    # Describes the security policy that is attached to your file transfer
+    # protocol-enabled server. The response contains a description of the
+    # security policy's properties. For more information about security
+    # policies, see [Working with security policies][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html
+    #
+    # @option params [required, String] :security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #
+    # @return [Types::DescribeSecurityPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DescribeSecurityPolicyResponse#security_policy #security_policy} => Types::DescribedSecurityPolicy
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.describe_security_policy({
+    #     security_policy_name: "SecurityPolicyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.security_policy.fips #=> Boolean
+    #   resp.security_policy.security_policy_name #=> String
+    #   resp.security_policy.ssh_ciphers #=> Array
+    #   resp.security_policy.ssh_ciphers[0] #=> String
+    #   resp.security_policy.ssh_kexs #=> Array
+    #   resp.security_policy.ssh_kexs[0] #=> String
+    #   resp.security_policy.ssh_macs #=> Array
+    #   resp.security_policy.ssh_macs[0] #=> String
+    #   resp.security_policy.tls_ciphers #=> Array
+    #   resp.security_policy.tls_ciphers[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeSecurityPolicy AWS API Documentation
+    #
+    # @overload describe_security_policy(params = {})
+    # @param [Hash] params ({})
+    def describe_security_policy(params = {}, options = {})
+      req = build_request(:describe_security_policy, params)
+      req.send_request(options)
+    end
+
     # Describes a file transfer protocol-enabled server that you specify by
     # passing the `ServerId` parameter.
     #
@@ -754,8 +816,7 @@ module Aws::Transfer
     # `EndpointDetails`.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server.
+    #   A system-assigned unique identifier for a server.
     #
     # @return [Types::DescribeServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -777,6 +838,8 @@ module Aws::Transfer
     #   resp.server.endpoint_details.subnet_ids[0] #=> String
     #   resp.server.endpoint_details.vpc_endpoint_id #=> String
     #   resp.server.endpoint_details.vpc_id #=> String
+    #   resp.server.endpoint_details.security_group_ids #=> Array
+    #   resp.server.endpoint_details.security_group_ids[0] #=> String
     #   resp.server.endpoint_type #=> String, one of "PUBLIC", "VPC", "VPC_ENDPOINT"
     #   resp.server.host_key_fingerprint #=> String
     #   resp.server.identity_provider_details.url #=> String
@@ -785,6 +848,7 @@ module Aws::Transfer
     #   resp.server.logging_role #=> String
     #   resp.server.protocols #=> Array
     #   resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS"
+    #   resp.server.security_policy_name #=> String
     #   resp.server.server_id #=> String
     #   resp.server.state #=> String, one of "OFFLINE", "ONLINE", "STARTING", "STOPPING", "START_FAILED", "STOP_FAILED"
     #   resp.server.tags #=> Array
@@ -808,14 +872,13 @@ module Aws::Transfer
     # associated with the `ServerId` value that was specified.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that has this user assigned.
+    #   A system-assigned unique identifier for a server that has this user
+    #   assigned.
     #
     # @option params [required, String] :user_name
-    #   The name of the user assigned to one or more file transfer
-    #   protocol-enabled servers. User names are part of the sign-in
-    #   credentials to use the AWS Transfer Family service and perform file
-    #   transfer tasks.
+    #   The name of the user assigned to one or more servers. User names are
+    #   part of the sign-in credentials to use the AWS Transfer Family service
+    #   and perform file transfer tasks.
     #
     # @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -866,15 +929,13 @@ module Aws::Transfer
     # the name of the `SshPublicKeyId`.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server.
+    #   A system-assigned unique identifier for a server.
     #
     # @option params [required, String] :ssh_public_key_body
     #   The public key portion of an SSH key pair.
     #
     # @option params [required, String] :user_name
-    #   The name of the user account that is assigned to one or more file
-    #   transfer protocol-enabled servers.
+    #   The name of the user account that is assigned to one or more servers.
     #
     # @return [Types::ImportSshPublicKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -905,18 +966,60 @@ module Aws::Transfer
       req.send_request(options)
     end
 
+    # Lists the security policies that are attached to your file transfer
+    # protocol-enabled servers.
+    #
+    # @option params [Integer] :max_results
+    #   Specifies the number of security policies to return as a response to
+    #   the `ListSecurityPolicies` query.
+    #
+    # @option params [String] :next_token
+    #   When additional results are obtained from the `ListSecurityPolicies`
+    #   command, a `NextToken` parameter is returned in the output. You can
+    #   then pass the `NextToken` parameter in a subsequent command to
+    #   continue listing additional security policies.
+    #
+    # @return [Types::ListSecurityPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListSecurityPoliciesResponse#next_token #next_token} => String
+    #   * {Types::ListSecurityPoliciesResponse#security_policy_names #security_policy_names} => Array&lt;String&gt;
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_security_policies({
+    #     max_results: 1,
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.next_token #=> String
+    #   resp.security_policy_names #=> Array
+    #   resp.security_policy_names[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListSecurityPolicies AWS API Documentation
+    #
+    # @overload list_security_policies(params = {})
+    # @param [Hash] params ({})
+    def list_security_policies(params = {}, options = {})
+      req = build_request(:list_security_policies, params)
+      req.send_request(options)
+    end
+
     # Lists the file transfer protocol-enabled servers that are associated
     # with your AWS account.
     #
     # @option params [Integer] :max_results
-    #   Specifies the number of file transfer protocol-enabled servers to
-    #   return as a response to the `ListServers` query.
+    #   Specifies the number of servers to return as a response to the
+    #   `ListServers` query.
     #
     # @option params [String] :next_token
-    #   When additional results are obtained from the`ListServers` command, a
+    #   When additional results are obtained from the `ListServers` command, a
     #   `NextToken` parameter is returned in the output. You can then pass the
     #   `NextToken` parameter in a subsequent command to continue listing
-    #   additional file transfer protocol-enabled servers.
+    #   additional servers.
     #
     # @return [Types::ListServersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1018,8 +1121,8 @@ module Aws::Transfer
     #   additional users.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that has users assigned to it.
+    #   A system-assigned unique identifier for a server that has users
+    #   assigned to it.
     #
     # @return [Types::ListUsersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1070,8 +1173,7 @@ module Aws::Transfer
     # No response is returned from this call.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that you start.
+    #   A system-assigned unique identifier for a server that you start.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1094,8 +1196,12 @@ module Aws::Transfer
     # `ONLINE` to `OFFLINE`. An `OFFLINE` server cannot accept and process
     # file transfer jobs. Information tied to your server, such as server
     # and user properties, are not affected by stopping your server.
-    # Stopping the server will not reduce or impact your file transfer
-    # protocol endpoint billing.
+    #
+    # <note markdown="1"> Stopping the server will not reduce or impact your file transfer
+    # protocol endpoint billing; you must delete the server to stop being
+    # billed.
+    #
+    #  </note>
     #
     # The state of `STOPPING` indicates that the server is in an
     # intermediate state, either not fully able to respond, or not fully
@@ -1104,8 +1210,7 @@ module Aws::Transfer
     # No response is returned from this call.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that you stopped.
+    #   A system-assigned unique identifier for a server that you stopped.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1170,9 +1275,8 @@ module Aws::Transfer
     # ensure that your users can successfully use the service.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned identifier for a specific file transfer
-    #   protocol-enabled server. That server's user authentication method is
-    #   tested with a user name and password.
+    #   A system-assigned identifier for a specific server. That server's
+    #   user authentication method is tested with a user name and password.
     #
     # @option params [String] :server_protocol
     #   The type of file transfer protocol to be tested.
@@ -1308,16 +1412,16 @@ module Aws::Transfer
     #
     # @option params [Types::EndpointDetails] :endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are configured
-    #   for your file transfer protocol-enabled server. With a VPC endpoint,
-    #   you can restrict access to your server to resources only within your
-    #   VPC. To control incoming internet traffic, you will need to associate
-    #   one or more Elastic IP addresses with your server's endpoint.
+    #   for your server. With a VPC endpoint, you can restrict access to your
+    #   server to resources only within your VPC. To control incoming internet
+    #   traffic, you will need to associate one or more Elastic IP addresses
+    #   with your server's endpoint.
     #
     # @option params [String] :endpoint_type
-    #   The type of endpoint that you want your file transfer protocol-enabled
-    #   server to connect to. You can choose to connect to the public internet
-    #   or a VPC endpoint. With a VPC endpoint, you can restrict access to
-    #   your server and resources only within your VPC.
+    #   The type of endpoint that you want your server to connect to. You can
+    #   choose to connect to the public internet or a VPC endpoint. With a VPC
+    #   endpoint, you can restrict access to your server and resources only
+    #   within your VPC.
     #
     #   <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With this
     #   endpoint type, you have the option to directly associate up to three
@@ -1333,9 +1437,8 @@ module Aws::Transfer
     #   my-new-server-key`.
     #
     #   If you aren't planning to migrate existing users from an existing
-    #   file transfer protocol-enabled server to a new server, don't update
-    #   the host key. Accidentally changing a server's host key can be
-    #   disruptive.
+    #   server to a new server, don't update the host key. Accidentally
+    #   changing a server's host key can be disruptive.
     #
     #   For more information, see [Change the host key for your SFTP-enabled
     #   server][1] in the *AWS Transfer Family User Guide*.
@@ -1382,9 +1485,13 @@ module Aws::Transfer
     #
     #    </note>
     #
+    # @option params [String] :security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that the user account is assigned to.
+    #   A system-assigned unique identifier for a server instance that the
+    #   user account is assigned to.
     #
     # @return [Types::UpdateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1399,6 +1506,7 @@ module Aws::Transfer
     #       subnet_ids: ["SubnetId"],
     #       vpc_endpoint_id: "VpcEndpointId",
     #       vpc_id: "VpcId",
+    #       security_group_ids: ["SecurityGroupId"],
     #     },
     #     endpoint_type: "PUBLIC", # accepts PUBLIC, VPC, VPC_ENDPOINT
     #     host_key: "HostKey",
@@ -1408,6 +1516,7 @@ module Aws::Transfer
     #     },
     #     logging_role: "NullableRole",
     #     protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
+    #     security_policy_name: "SecurityPolicyName",
     #     server_id: "ServerId", # required
     #   })
     #
@@ -1433,19 +1542,17 @@ module Aws::Transfer
     #
     # @option params [String] :home_directory
     #   Specifies the landing directory (folder) for a user when they log in
-    #   to the file transfer protocol-enabled server using their file transfer
-    #   protocol client.
+    #   to the server using their file transfer protocol client.
     #
     #   An example is `your-Amazon-S3-bucket-name>/home/username`.
     #
     # @option params [String] :home_directory_type
     #   The type of landing directory (folder) you want your users' home
-    #   directory to be when they log into the file transfer protocol-enabled
-    #   server. If you set it to `PATH`, the user will see the absolute Amazon
-    #   S3 bucket paths as is in their file transfer protocol clients. If you
-    #   set it `LOGICAL`, you will need to provide mappings in the
-    #   `HomeDirectoryMappings` for how you want to make Amazon S3 paths
-    #   visible to your users.
+    #   directory to be when they log into the server. If you set it to
+    #   `PATH`, the user will see the absolute Amazon S3 bucket paths as is in
+    #   their file transfer protocol clients. If you set it `LOGICAL`, you
+    #   will need to provide mappings in the `HomeDirectoryMappings` for how
+    #   you want to make Amazon S3 paths visible to your users.
     #
     # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
     #   Logical directory mappings that specify what Amazon S3 paths and keys
@@ -1467,7 +1574,7 @@ module Aws::Transfer
     #
     #   <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
     #   S3, the entry will be ignored. As a workaround, you can use the Amazon
-    #   S3 api to create 0 byte objects as place holders for your directory.
+    #   S3 API to create 0 byte objects as place holders for your directory.
     #   If using the CLI, use the `s3api` call instead of `s3` so you can use
     #   the put-object operation. For example, you use the following: `aws
     #   s3api put-object --bucket bucketname --key path/to/folder/`. Make sure
@@ -1506,21 +1613,20 @@ module Aws::Transfer
     #   bucket. The policies attached to this role will determine the level of
     #   access you want to provide your users when transferring files into and
     #   out of your Amazon S3 bucket or buckets. The IAM role should also
-    #   contain a trust relationship that allows the file transfer
-    #   protocol-enabled server to access your resources when servicing your
-    #   users' transfer requests.
+    #   contain a trust relationship that allows the server to access your
+    #   resources when servicing your users' transfer requests.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that the user account is assigned to.
+    #   A system-assigned unique identifier for a server instance that the
+    #   user account is assigned to.
     #
     # @option params [required, String] :user_name
-    #   A unique string that identifies a user and is associated with a file
-    #   transfer protocol-enabled server as specified by the `ServerId`. This
-    #   is the string that will be used by your user when they log in to your
-    #   server. This user name is a minimum of 3 and a maximum of 32
-    #   characters long. The following are valid characters: a-z, A-Z, 0-9,
-    #   underscore, and hyphen. The user name can't start with a hyphen.
+    #   A unique string that identifies a user and is associated with a server
+    #   as specified by the `ServerId`. This user name must be a minimum of 3
+    #   and a maximum of 100 characters long. The following are valid
+    #   characters: a-z, A-Z, 0-9, underscore '\_', hyphen '-', period
+    #   '.', and at sign '@'. The user name can't start with a hyphen,
+    #   period, or at sign.
     #
     # @return [Types::UpdateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1571,7 +1677,7 @@ module Aws::Transfer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-transfer'
-      context[:gem_version] = '1.23.0'
+      context[:gem_version] = '1.28.0'
       Seahorse::Client::Request.new(handlers, context)
     end