aws-sdk-transfer 1.23.0 → 1.28.0

data/lib/aws-sdk-transfer/client_api.rb

@@ -27,14 +27,18 @@ module Aws::Transfer
     DeleteServerRequest = Shapes::StructureShape.new(name: 'DeleteServerRequest')
     DeleteSshPublicKeyRequest = Shapes::StructureShape.new(name: 'DeleteSshPublicKeyRequest')
     DeleteUserRequest = Shapes::StructureShape.new(name: 'DeleteUserRequest')
+    DescribeSecurityPolicyRequest = Shapes::StructureShape.new(name: 'DescribeSecurityPolicyRequest')
+    DescribeSecurityPolicyResponse = Shapes::StructureShape.new(name: 'DescribeSecurityPolicyResponse')
     DescribeServerRequest = Shapes::StructureShape.new(name: 'DescribeServerRequest')
     DescribeServerResponse = Shapes::StructureShape.new(name: 'DescribeServerResponse')
     DescribeUserRequest = Shapes::StructureShape.new(name: 'DescribeUserRequest')
     DescribeUserResponse = Shapes::StructureShape.new(name: 'DescribeUserResponse')
+    DescribedSecurityPolicy = Shapes::StructureShape.new(name: 'DescribedSecurityPolicy')
     DescribedServer = Shapes::StructureShape.new(name: 'DescribedServer')
     DescribedUser = Shapes::StructureShape.new(name: 'DescribedUser')
     EndpointDetails = Shapes::StructureShape.new(name: 'EndpointDetails')
     EndpointType = Shapes::StringShape.new(name: 'EndpointType')
+    Fips = Shapes::BooleanShape.new(name: 'Fips')
     HomeDirectory = Shapes::StringShape.new(name: 'HomeDirectory')
     HomeDirectoryMapEntry = Shapes::StructureShape.new(name: 'HomeDirectoryMapEntry')
     HomeDirectoryMappings = Shapes::ListShape.new(name: 'HomeDirectoryMappings')
@@ -48,6 +52,8 @@ module Aws::Transfer
     InternalServiceError = Shapes::StructureShape.new(name: 'InternalServiceError')
     InvalidNextTokenException = Shapes::StructureShape.new(name: 'InvalidNextTokenException')
     InvalidRequestException = Shapes::StructureShape.new(name: 'InvalidRequestException')
+    ListSecurityPoliciesRequest = Shapes::StructureShape.new(name: 'ListSecurityPoliciesRequest')
+    ListSecurityPoliciesResponse = Shapes::StructureShape.new(name: 'ListSecurityPoliciesResponse')
     ListServersRequest = Shapes::StructureShape.new(name: 'ListServersRequest')
     ListServersResponse = Shapes::StructureShape.new(name: 'ListServersResponse')
     ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
@@ -74,6 +80,12 @@ module Aws::Transfer
     Response = Shapes::StringShape.new(name: 'Response')
     RetryAfterSeconds = Shapes::StringShape.new(name: 'RetryAfterSeconds')
     Role = Shapes::StringShape.new(name: 'Role')
+    SecurityGroupId = Shapes::StringShape.new(name: 'SecurityGroupId')
+    SecurityGroupIds = Shapes::ListShape.new(name: 'SecurityGroupIds')
+    SecurityPolicyName = Shapes::StringShape.new(name: 'SecurityPolicyName')
+    SecurityPolicyNames = Shapes::ListShape.new(name: 'SecurityPolicyNames')
+    SecurityPolicyOption = Shapes::StringShape.new(name: 'SecurityPolicyOption')
+    SecurityPolicyOptions = Shapes::ListShape.new(name: 'SecurityPolicyOptions')
     ServerId = Shapes::StringShape.new(name: 'ServerId')
     ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
     ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
@@ -126,6 +138,7 @@ module Aws::Transfer
     CreateServerRequest.add_member(:identity_provider_type, Shapes::ShapeRef.new(shape: IdentityProviderType, location_name: "IdentityProviderType"))
     CreateServerRequest.add_member(:logging_role, Shapes::ShapeRef.new(shape: Role, location_name: "LoggingRole"))
     CreateServerRequest.add_member(:protocols, Shapes::ShapeRef.new(shape: Protocols, location_name: "Protocols"))
+    CreateServerRequest.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: SecurityPolicyName, location_name: "SecurityPolicyName"))
     CreateServerRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
     CreateServerRequest.struct_class = Types::CreateServerRequest
 
@@ -159,6 +172,12 @@ module Aws::Transfer
     DeleteUserRequest.add_member(:user_name, Shapes::ShapeRef.new(shape: UserName, required: true, location_name: "UserName"))
     DeleteUserRequest.struct_class = Types::DeleteUserRequest
 
+    DescribeSecurityPolicyRequest.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: SecurityPolicyName, required: true, location_name: "SecurityPolicyName"))
+    DescribeSecurityPolicyRequest.struct_class = Types::DescribeSecurityPolicyRequest
+
+    DescribeSecurityPolicyResponse.add_member(:security_policy, Shapes::ShapeRef.new(shape: DescribedSecurityPolicy, required: true, location_name: "SecurityPolicy"))
+    DescribeSecurityPolicyResponse.struct_class = Types::DescribeSecurityPolicyResponse
+
     DescribeServerRequest.add_member(:server_id, Shapes::ShapeRef.new(shape: ServerId, required: true, location_name: "ServerId"))
     DescribeServerRequest.struct_class = Types::DescribeServerRequest
 
@@ -173,6 +192,14 @@ module Aws::Transfer
     DescribeUserResponse.add_member(:user, Shapes::ShapeRef.new(shape: DescribedUser, required: true, location_name: "User"))
     DescribeUserResponse.struct_class = Types::DescribeUserResponse
 
+    DescribedSecurityPolicy.add_member(:fips, Shapes::ShapeRef.new(shape: Fips, location_name: "Fips"))
+    DescribedSecurityPolicy.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: SecurityPolicyName, required: true, location_name: "SecurityPolicyName"))
+    DescribedSecurityPolicy.add_member(:ssh_ciphers, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "SshCiphers"))
+    DescribedSecurityPolicy.add_member(:ssh_kexs, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "SshKexs"))
+    DescribedSecurityPolicy.add_member(:ssh_macs, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "SshMacs"))
+    DescribedSecurityPolicy.add_member(:tls_ciphers, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "TlsCiphers"))
+    DescribedSecurityPolicy.struct_class = Types::DescribedSecurityPolicy
+
     DescribedServer.add_member(:arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "Arn"))
     DescribedServer.add_member(:certificate, Shapes::ShapeRef.new(shape: Certificate, location_name: "Certificate"))
     DescribedServer.add_member(:endpoint_details, Shapes::ShapeRef.new(shape: EndpointDetails, location_name: "EndpointDetails"))
@@ -182,6 +209,7 @@ module Aws::Transfer
     DescribedServer.add_member(:identity_provider_type, Shapes::ShapeRef.new(shape: IdentityProviderType, location_name: "IdentityProviderType"))
     DescribedServer.add_member(:logging_role, Shapes::ShapeRef.new(shape: Role, location_name: "LoggingRole"))
     DescribedServer.add_member(:protocols, Shapes::ShapeRef.new(shape: Protocols, location_name: "Protocols"))
+    DescribedServer.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: SecurityPolicyName, location_name: "SecurityPolicyName"))
     DescribedServer.add_member(:server_id, Shapes::ShapeRef.new(shape: ServerId, location_name: "ServerId"))
     DescribedServer.add_member(:state, Shapes::ShapeRef.new(shape: State, location_name: "State"))
     DescribedServer.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
@@ -203,6 +231,7 @@ module Aws::Transfer
     EndpointDetails.add_member(:subnet_ids, Shapes::ShapeRef.new(shape: SubnetIds, location_name: "SubnetIds"))
     EndpointDetails.add_member(:vpc_endpoint_id, Shapes::ShapeRef.new(shape: VpcEndpointId, location_name: "VpcEndpointId"))
     EndpointDetails.add_member(:vpc_id, Shapes::ShapeRef.new(shape: VpcId, location_name: "VpcId"))
+    EndpointDetails.add_member(:security_group_ids, Shapes::ShapeRef.new(shape: SecurityGroupIds, location_name: "SecurityGroupIds"))
     EndpointDetails.struct_class = Types::EndpointDetails
 
     HomeDirectoryMapEntry.add_member(:entry, Shapes::ShapeRef.new(shape: MapEntry, required: true, location_name: "Entry"))
@@ -234,6 +263,14 @@ module Aws::Transfer
     InvalidRequestException.add_member(:message, Shapes::ShapeRef.new(shape: Message, required: true, location_name: "Message"))
     InvalidRequestException.struct_class = Types::InvalidRequestException
 
+    ListSecurityPoliciesRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
+    ListSecurityPoliciesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListSecurityPoliciesRequest.struct_class = Types::ListSecurityPoliciesRequest
+
+    ListSecurityPoliciesResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListSecurityPoliciesResponse.add_member(:security_policy_names, Shapes::ShapeRef.new(shape: SecurityPolicyNames, required: true, location_name: "SecurityPolicyNames"))
+    ListSecurityPoliciesResponse.struct_class = Types::ListSecurityPoliciesResponse
+
     ListServersRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
     ListServersRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListServersRequest.struct_class = Types::ListServersRequest
@@ -295,6 +332,12 @@ module Aws::Transfer
     ResourceNotFoundException.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "ResourceType"))
     ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
 
+    SecurityGroupIds.member = Shapes::ShapeRef.new(shape: SecurityGroupId)
+
+    SecurityPolicyNames.member = Shapes::ShapeRef.new(shape: SecurityPolicyName)
+
+    SecurityPolicyOptions.member = Shapes::ShapeRef.new(shape: SecurityPolicyOption)
+
     ServiceUnavailableException.add_member(:message, Shapes::ShapeRef.new(shape: ServiceErrorMessage, location_name: "Message"))
     ServiceUnavailableException.struct_class = Types::ServiceUnavailableException
 
@@ -352,6 +395,7 @@ module Aws::Transfer
     UpdateServerRequest.add_member(:identity_provider_details, Shapes::ShapeRef.new(shape: IdentityProviderDetails, location_name: "IdentityProviderDetails"))
     UpdateServerRequest.add_member(:logging_role, Shapes::ShapeRef.new(shape: NullableRole, location_name: "LoggingRole"))
     UpdateServerRequest.add_member(:protocols, Shapes::ShapeRef.new(shape: Protocols, location_name: "Protocols"))
+    UpdateServerRequest.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: SecurityPolicyName, location_name: "SecurityPolicyName"))
     UpdateServerRequest.add_member(:server_id, Shapes::ShapeRef.new(shape: ServerId, required: true, location_name: "ServerId"))
     UpdateServerRequest.struct_class = Types::UpdateServerRequest
 
@@ -456,6 +500,18 @@ module Aws::Transfer
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
       end)
 
+      api.add_operation(:describe_security_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DescribeSecurityPolicy"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DescribeSecurityPolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: DescribeSecurityPolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceUnavailableException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+      end)
+
       api.add_operation(:describe_server, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DescribeServer"
         o.http_method = "POST"
@@ -494,6 +550,24 @@ module Aws::Transfer
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
       end)
 
+      api.add_operation(:list_security_policies, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListSecurityPolicies"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListSecurityPoliciesRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListSecurityPoliciesResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceUnavailableException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidNextTokenException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
+
       api.add_operation(:list_servers, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListServers"
         o.http_method = "POST"

data/lib/aws-sdk-transfer/types.rb

@@ -48,6 +48,7 @@ module Aws::Transfer
     #           subnet_ids: ["SubnetId"],
     #           vpc_endpoint_id: "VpcEndpointId",
     #           vpc_id: "VpcId",
+    #           security_group_ids: ["SecurityGroupId"],
     #         },
     #         endpoint_type: "PUBLIC", # accepts PUBLIC, VPC, VPC_ENDPOINT
     #         host_key: "HostKey",
@@ -58,6 +59,7 @@ module Aws::Transfer
     #         identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY
     #         logging_role: "Role",
     #         protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
+    #         security_policy_name: "SecurityPolicyName",
     #         tags: [
     #           {
     #             key: "TagKey", # required
@@ -108,18 +110,18 @@ module Aws::Transfer
     #
     # @!attribute [rw] endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are
-    #   configured for your file transfer protocol-enabled server. When you
-    #   host your endpoint within your VPC, you can make it accessible only
-    #   to resources within your VPC, or you can attach Elastic IPs and make
-    #   it accessible to clients over the internet. Your VPC's default
-    #   security groups are automatically assigned to your endpoint.
+    #   configured for your server. When you host your endpoint within your
+    #   VPC, you can make it accessible only to resources within your VPC,
+    #   or you can attach Elastic IPs and make it accessible to clients over
+    #   the internet. Your VPC's default security groups are automatically
+    #   assigned to your endpoint.
     #   @return [Types::EndpointDetails]
     #
     # @!attribute [rw] endpoint_type
-    #   The type of VPC endpoint that you want your file transfer
-    #   protocol-enabled server to connect to. You can choose to connect to
-    #   the public internet or a VPC endpoint. With a VPC endpoint, you can
-    #   restrict access to your server and resources only within your VPC.
+    #   The type of VPC endpoint that you want your server to connect to.
+    #   You can choose to connect to the public internet or a VPC endpoint.
+    #   With a VPC endpoint, you can restrict access to your server and
+    #   resources only within your VPC.
     #
     #   <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With
     #   this endpoint type, you have the option to directly associate up to
@@ -156,13 +158,13 @@ module Aws::Transfer
     #   @return [Types::IdentityProviderDetails]
     #
     # @!attribute [rw] identity_provider_type
-    #   Specifies the mode of authentication for a file transfer
-    #   protocol-enabled server. The default value is `SERVICE_MANAGED`,
-    #   which allows you to store and access user credentials within the AWS
-    #   Transfer Family service. Use the `API_GATEWAY` value to integrate
-    #   with an identity provider of your choosing. The `API_GATEWAY`
-    #   setting requires you to provide an API Gateway endpoint URL to call
-    #   for authentication using the `IdentityProviderDetails` parameter.
+    #   Specifies the mode of authentication for a server. The default value
+    #   is `SERVICE_MANAGED`, which allows you to store and access user
+    #   credentials within the AWS Transfer Family service. Use the
+    #   `API_GATEWAY` value to integrate with an identity provider of your
+    #   choosing. The `API_GATEWAY` setting requires you to provide an API
+    #   Gateway endpoint URL to call for authentication using the
+    #   `IdentityProviderDetails` parameter.
     #   @return [String]
     #
     # @!attribute [rw] logging_role
@@ -201,9 +203,13 @@ module Aws::Transfer
     #    </note>
     #   @return [Array<String>]
     #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #   @return [String]
+    #
     # @!attribute [rw] tags
-    #   Key-value pairs that can be used to group and search for file
-    #   transfer protocol-enabled servers.
+    #   Key-value pairs that can be used to group and search for servers.
     #   @return [Array<Types::Tag>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateServerRequest AWS API Documentation
@@ -217,14 +223,14 @@ module Aws::Transfer
       :identity_provider_type,
       :logging_role,
       :protocols,
+      :security_policy_name,
       :tags)
       SENSITIVE = [:host_key]
       include Aws::Structure
     end
 
     # @!attribute [rw] server_id
-    #   The service-assigned ID of the file transfer protocol-enabled server
-    #   that is created.
+    #   The service-assigned ID of the server that is created.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateServerResponse AWS API Documentation
@@ -262,7 +268,7 @@ module Aws::Transfer
     #
     # @!attribute [rw] home_directory
     #   The landing directory (folder) for a user when they log in to the
-    #   file transfer protocol-enabled server using the client.
+    #   server using the client.
     #
     #   An example is <i>
     #   <code>your-Amazon-S3-bucket-name&gt;/home/username</code> </i>.
@@ -270,12 +276,11 @@ module Aws::Transfer
     #
     # @!attribute [rw] home_directory_type
     #   The type of landing directory (folder) you want your users' home
-    #   directory to be when they log into the file transfer
-    #   protocol-enabled server. If you set it to `PATH`, the user will see
-    #   the absolute Amazon S3 bucket paths as is in their file transfer
-    #   protocol clients. If you set it `LOGICAL`, you will need to provide
-    #   mappings in the `HomeDirectoryMappings` for how you want to make
-    #   Amazon S3 paths visible to your users.
+    #   directory to be when they log into the server. If you set it to
+    #   `PATH`, the user will see the absolute Amazon S3 bucket paths as is
+    #   in their file transfer protocol clients. If you set it `LOGICAL`,
+    #   you will need to provide mappings in the `HomeDirectoryMappings` for
+    #   how you want to make Amazon S3 paths visible to your users.
     #   @return [String]
     #
     # @!attribute [rw] home_directory_mappings
@@ -299,7 +304,7 @@ module Aws::Transfer
     #
     #   <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
     #   S3, the entry will be ignored. As a workaround, you can use the
-    #   Amazon S3 api to create 0 byte objects as place holders for your
+    #   Amazon S3 API to create 0 byte objects as place holders for your
     #   directory. If using the CLI, use the `s3api` call instead of `s3` so
     #   you can use the put-object operation. For example, you use the
     #   following: `aws s3api put-object --bucket bucketname --key
@@ -340,20 +345,18 @@ module Aws::Transfer
     #   bucket. The policies attached to this role will determine the level
     #   of access you want to provide your users when transferring files
     #   into and out of your Amazon S3 bucket or buckets. The IAM role
-    #   should also contain a trust relationship that allows the file
-    #   transfer protocol-enabled server to access your resources when
-    #   servicing your users' transfer requests.
+    #   should also contain a trust relationship that allows the server to
+    #   access your resources when servicing your users' transfer requests.
     #   @return [String]
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance. This is the specific server that
-    #   you added your user to.
+    #   A system-assigned unique identifier for a server instance. This is
+    #   the specific server that you added your user to.
     #   @return [String]
     #
     # @!attribute [rw] ssh_public_key_body
     #   The public portion of the Secure Shell (SSH) key used to
-    #   authenticate the user to the file transfer protocol-enabled server.
+    #   authenticate the user to the server.
     #   @return [String]
     #
     # @!attribute [rw] tags
@@ -362,11 +365,12 @@ module Aws::Transfer
     #   @return [Array<Types::Tag>]
     #
     # @!attribute [rw] user_name
-    #   A unique string that identifies a user and is associated with a file
-    #   transfer protocol-enabled server as specified by the `ServerId`.
-    #   This user name must be a minimum of 3 and a maximum of 32 characters
-    #   long. The following are valid characters: a-z, A-Z, 0-9, underscore,
-    #   and hyphen. The user name can't start with a hyphen.
+    #   A unique string that identifies a user and is associated with a as
+    #   specified by the `ServerId`. This user name must be a minimum of 3
+    #   and a maximum of 100 characters long. The following are valid
+    #   characters: a-z, A-Z, 0-9, underscore '\_', hyphen '-', period
+    #   '.', and at sign '@'. The user name can't start with a hyphen,
+    #   period, or at sign.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateUserRequest AWS API Documentation
@@ -386,13 +390,12 @@ module Aws::Transfer
     end
 
     # @!attribute [rw] server_id
-    #   The ID of the file transfer protocol-enabled server that the user is
-    #   attached to.
+    #   The ID of the server that the user is attached to.
     #   @return [String]
     #
     # @!attribute [rw] user_name
     #   A unique string that identifies a user account associated with a
-    #   file transfer protocol-enabled server.
+    #   server.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateUserResponse AWS API Documentation
@@ -412,8 +415,7 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A unique system-assigned identifier for a file transfer
-    #   protocol-enabled server instance.
+    #   A unique system-assigned identifier for a server instance.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteServerRequest AWS API Documentation
@@ -466,13 +468,13 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that has the user assigned to it.
+    #   A system-assigned unique identifier for a server instance that has
+    #   the user assigned to it.
     #   @return [String]
     #
     # @!attribute [rw] user_name
     #   A unique string that identifies a user that is being deleted from a
-    #   file transfer protocol-enabled server.
+    #   server.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteUserRequest AWS API Documentation
@@ -484,6 +486,38 @@ module Aws::Transfer
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DescribeSecurityPolicyRequest
+    #   data as a hash:
+    #
+    #       {
+    #         security_policy_name: "SecurityPolicyName", # required
+    #       }
+    #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeSecurityPolicyRequest AWS API Documentation
+    #
+    class DescribeSecurityPolicyRequest < Struct.new(
+      :security_policy_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] security_policy
+    #   An array containing the properties of the security policy.
+    #   @return [Types::DescribedSecurityPolicy]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeSecurityPolicyResponse AWS API Documentation
+    #
+    class DescribeSecurityPolicyResponse < Struct.new(
+      :security_policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DescribeServerRequest
     #   data as a hash:
     #
@@ -492,8 +526,7 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server.
+    #   A system-assigned unique identifier for a server.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeServerRequest AWS API Documentation
@@ -505,8 +538,8 @@ module Aws::Transfer
     end
 
     # @!attribute [rw] server
-    #   An array containing the properties of a file transfer
-    #   protocol-enabled server with the `ServerID` you specified.
+    #   An array containing the properties of a server with the `ServerID`
+    #   you specified.
     #   @return [Types::DescribedServer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeServerResponse AWS API Documentation
@@ -526,15 +559,14 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that has this user assigned.
+    #   A system-assigned unique identifier for a server that has this user
+    #   assigned.
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   The name of the user assigned to one or more file transfer
-    #   protocol-enabled servers. User names are part of the sign-in
-    #   credentials to use the AWS Transfer Family service and perform file
-    #   transfer tasks.
+    #   The name of the user assigned to one or more servers. User names are
+    #   part of the sign-in credentials to use the AWS Transfer Family
+    #   service and perform file transfer tasks.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeUserRequest AWS API Documentation
@@ -547,8 +579,8 @@ module Aws::Transfer
     end
 
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that has this user assigned.
+    #   A system-assigned unique identifier for a server that has this user
+    #   assigned.
     #   @return [String]
     #
     # @!attribute [rw] user
@@ -565,17 +597,64 @@ module Aws::Transfer
       include Aws::Structure
     end
 
+    # Describes the properties of a security policy that was specified. For
+    # more information about security policies, see [Working with security
+    # policies][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html
+    #
+    # @!attribute [rw] fips
+    #   Specifies whether this policy enables Federal Information Processing
+    #   Standards (FIPS).
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #   @return [String]
+    #
+    # @!attribute [rw] ssh_ciphers
+    #   Specifies the enabled Secure Shell (SSH) cipher encryption
+    #   algorithms in the security policy that is attached to the server.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] ssh_kexs
+    #   Specifies the enabled SSH key exchange (KEX) encryption algorithms
+    #   in the security policy that is attached to the server.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] ssh_macs
+    #   Specifies the enabled SSH message authentication code (MAC)
+    #   encryption algorithms in the security policy that is attached to the
+    #   server.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] tls_ciphers
+    #   Specifies the enabled Transport Layer Security (TLS) cipher
+    #   encryption algorithms in the security policy that is attached to the
+    #   server.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedSecurityPolicy AWS API Documentation
+    #
+    class DescribedSecurityPolicy < Struct.new(
+      :fips,
+      :security_policy_name,
+      :ssh_ciphers,
+      :ssh_kexs,
+      :ssh_macs,
+      :tls_ciphers)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Describes the properties of a file transfer protocol-enabled server
-    # that was specified. Information returned includes the following: the
-    # server Amazon Resource Name (ARN), the certificate ARN (if the FTPS
-    # protocol was selected), the endpoint type and details, the
-    # authentication configuration and type, the logging role, the file
-    # transfer protocol or protocols, the server ID and state, and assigned
-    # tags or metadata.
+    # that was specified.
     #
     # @!attribute [rw] arn
-    #   Specifies the unique Amazon Resource Name (ARN) for a file transfer
-    #   protocol-enabled server to be described.
+    #   Specifies the unique Amazon Resource Name (ARN) of the server.
     #   @return [String]
     #
     # @!attribute [rw] certificate
@@ -585,14 +664,13 @@ module Aws::Transfer
     #
     # @!attribute [rw] endpoint_details
     #   Specifies the virtual private cloud (VPC) endpoint settings that you
-    #   configured for your file transfer protocol-enabled server.
+    #   configured for your server.
     #   @return [Types::EndpointDetails]
     #
     # @!attribute [rw] endpoint_type
-    #   Defines the type of endpoint that your file transfer
-    #   protocol-enabled server is connected to. If your server is connected
-    #   to a VPC endpoint, your server isn't accessible over the public
-    #   internet.
+    #   Defines the type of endpoint that your server is connected to. If
+    #   your server is connected to a VPC endpoint, your server isn't
+    #   accessible over the public internet.
     #   @return [String]
     #
     # @!attribute [rw] host_key_fingerprint
@@ -604,23 +682,23 @@ module Aws::Transfer
     # @!attribute [rw] identity_provider_details
     #   Specifies information to call a customer-supplied authentication
     #   API. This field is not populated when the `IdentityProviderType` of
-    #   a file transfer protocol-enabled server is `SERVICE_MANAGED`.
+    #   a server is `SERVICE_MANAGED`.
     #   @return [Types::IdentityProviderDetails]
     #
     # @!attribute [rw] identity_provider_type
     #   Specifies the mode of authentication method enabled for this
     #   service. A value of `SERVICE_MANAGED` means that you are using this
-    #   file transfer protocol-enabled server to store and access user
-    #   credentials within the service. A value of `API_GATEWAY` indicates
-    #   that you have integrated an API Gateway endpoint that will be
-    #   invoked for authenticating your user into the service.
+    #   server to store and access user credentials within the service. A
+    #   value of `API_GATEWAY` indicates that you have integrated an API
+    #   Gateway endpoint that will be invoked for authenticating your user
+    #   into the service.
     #   @return [String]
     #
     # @!attribute [rw] logging_role
     #   Specifies the AWS Identity and Access Management (IAM) role that
-    #   allows a file transfer protocol-enabled server to turn on Amazon
-    #   CloudWatch logging for Amazon S3 events. When set, user activity can
-    #   be viewed in your CloudWatch logs.
+    #   allows a server to turn on Amazon CloudWatch logging for Amazon S3
+    #   events. When set, user activity can be viewed in your CloudWatch
+    #   logs.
     #   @return [String]
     #
     # @!attribute [rw] protocols
@@ -637,17 +715,21 @@ module Aws::Transfer
     #   * `FTP` (File Transfer Protocol): Unencrypted file transfer
     #   @return [Array<String>]
     #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #   @return [String]
+    #
     # @!attribute [rw] server_id
-    #   Specifies the unique system-assigned identifier for a file transfer
-    #   protocol-enabled server that you instantiate.
+    #   Specifies the unique system-assigned identifier for a server that
+    #   you instantiate.
     #   @return [String]
     #
     # @!attribute [rw] state
-    #   Specifies the condition of a file transfer protocol-enabled server
-    #   for the server that was described. A value of `ONLINE` indicates
-    #   that the server can accept jobs and transfer files. A `State` value
-    #   of `OFFLINE` means that the server cannot perform file transfer
-    #   operations.
+    #   Specifies the condition of a server for the server that was
+    #   described. A value of `ONLINE` indicates that the server can accept
+    #   jobs and transfer files. A `State` value of `OFFLINE` means that the
+    #   server cannot perform file transfer operations.
     #
     #   The states of `STARTING` and `STOPPING` indicate that the server is
     #   in an intermediate state, either not fully able to respond, or not
@@ -657,13 +739,12 @@ module Aws::Transfer
     #
     # @!attribute [rw] tags
     #   Specifies the key-value pairs that you can use to search for and
-    #   group file transfer protocol-enabled servers that were assigned to
-    #   the server that was described.
+    #   group servers that were assigned to the server that was described.
     #   @return [Array<Types::Tag>]
     #
     # @!attribute [rw] user_count
-    #   Specifies the number of users that are assigned to a file transfer
-    #   protocol-enabled server you specified with the `ServerId`.
+    #   Specifies the number of users that are assigned to a server you
+    #   specified with the `ServerId`.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedServer AWS API Documentation
@@ -678,6 +759,7 @@ module Aws::Transfer
       :identity_provider_type,
       :logging_role,
       :protocols,
+      :security_policy_name,
       :server_id,
       :state,
       :tags,
@@ -686,7 +768,7 @@ module Aws::Transfer
       include Aws::Structure
     end
 
-    # Returns properties of the user that you want to describe.
+    # Describes the properties of a user that was specified.
     #
     # @!attribute [rw] arn
     #   Specifies the unique Amazon Resource Name (ARN) for the user that
@@ -735,9 +817,8 @@ module Aws::Transfer
     #   Amazon S3 bucket. The policies attached to this role will determine
     #   the level of access you want to provide your users when transferring
     #   files into and out of your Amazon S3 bucket or buckets. The IAM role
-    #   should also contain a trust relationship that allows a file transfer
-    #   protocol-enabled server to access your resources when servicing your
-    #   users' transfer requests.
+    #   should also contain a trust relationship that allows a server to
+    #   access your resources when servicing your users' transfer requests.
     #   @return [String]
     #
     # @!attribute [rw] ssh_public_keys
@@ -753,8 +834,7 @@ module Aws::Transfer
     # @!attribute [rw] user_name
     #   Specifies the name of the user that was requested to be described.
     #   User names are used for authentication purposes. This is the string
-    #   that will be used by your user when they log in to your file
-    #   transfer protocol-enabled server.
+    #   that will be used by your user when they log in to your server.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedUser AWS API Documentation
@@ -787,23 +867,24 @@ module Aws::Transfer
     #         subnet_ids: ["SubnetId"],
     #         vpc_endpoint_id: "VpcEndpointId",
     #         vpc_id: "VpcId",
+    #         security_group_ids: ["SecurityGroupId"],
     #       }
     #
     # @!attribute [rw] address_allocation_ids
     #   A list of address allocation IDs that are required to attach an
-    #   Elastic IP address to your file transfer protocol-enabled server's
-    #   endpoint. This is only valid in the `UpdateServer` API.
+    #   Elastic IP address to your server's endpoint.
     #
-    #   <note markdown="1"> This property can only be use when `EndpointType` is set to `VPC`.
+    #   <note markdown="1"> This property can only be set when `EndpointType` is set to `VPC`
+    #   and it is only valid in the `UpdateServer` API.
     #
     #    </note>
     #   @return [Array<String>]
     #
     # @!attribute [rw] subnet_ids
-    #   A list of subnet IDs that are required to host your file transfer
-    #   protocol-enabled server endpoint in your VPC.
+    #   A list of subnet IDs that are required to host your server endpoint
+    #   in your VPC.
     #
-    #   <note markdown="1"> This property can only be used when `EndpointType` is set to `VPC`.
+    #   <note markdown="1"> This property can only be set when `EndpointType` is set to `VPC`.
     #
     #    </note>
     #   @return [Array<String>]
@@ -811,33 +892,46 @@ module Aws::Transfer
     # @!attribute [rw] vpc_endpoint_id
     #   The ID of the VPC endpoint.
     #
-    #   <note markdown="1"> This property can only be used when `EndpointType` is set to
+    #   <note markdown="1"> This property can only be set when `EndpointType` is set to
     #   `VPC_ENDPOINT`.
     #
     #    </note>
     #   @return [String]
     #
     # @!attribute [rw] vpc_id
-    #   The VPC ID of the VPC in which a file transfer protocol-enabled
-    #   server's endpoint will be hosted.
+    #   The VPC ID of the VPC in which a server's endpoint will be hosted.
     #
-    #   <note markdown="1"> This property can only be used when `EndpointType` is set to `VPC`.
+    #   <note markdown="1"> This property can only be set when `EndpointType` is set to `VPC`.
     #
     #    </note>
     #   @return [String]
     #
+    # @!attribute [rw] security_group_ids
+    #   A list of security groups IDs that are available to attach to your
+    #   server's endpoint.
+    #
+    #   <note markdown="1"> This property can only be set when `EndpointType` is set to `VPC`.
+    #
+    #    You can only edit the `SecurityGroupIds` property in the
+    #   `UpdateServer` API and only if you are changing the `EndpointType`
+    #   from `PUBLIC` or `VPC_ENDPOINT` to `VPC`.
+    #
+    #    </note>
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/EndpointDetails AWS API Documentation
     #
     class EndpointDetails < Struct.new(
       :address_allocation_ids,
       :subnet_ids,
       :vpc_endpoint_id,
-      :vpc_id)
+      :vpc_id,
+      :security_group_ids)
       SENSITIVE = []
       include Aws::Structure
     end
 
-    # Represents an object that contains entries and a targets for
+    # Represents an object that contains entries and targets for
     # `HomeDirectoryMappings`.
     #
     # @note When making an API call, you may pass HomeDirectoryMapEntry
@@ -906,8 +1000,7 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server.
+    #   A system-assigned unique identifier for a server.
     #   @return [String]
     #
     # @!attribute [rw] ssh_public_key_body
@@ -915,8 +1008,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   The name of the user account that is assigned to one or more file
-    #   transfer protocol-enabled servers.
+    #   The name of the user account that is assigned to one or more
+    #   servers.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ImportSshPublicKeyRequest AWS API Documentation
@@ -929,14 +1022,12 @@ module Aws::Transfer
       include Aws::Structure
     end
 
-    # Identifies the user, the file transfer protocol-enabled server they
-    # belong to, and the identifier of the SSH public key associated with
-    # that user. A user can have more than one key on each server that they
-    # are associated with.
+    # Identifies the user, the server they belong to, and the identifier of
+    # the SSH public key associated with that user. A user can have more
+    # than one key on each server that they are associated with.
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server.
+    #   A system-assigned unique identifier for a server.
     #   @return [String]
     #
     # @!attribute [rw] ssh_public_key_id
@@ -997,6 +1088,55 @@ module Aws::Transfer
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListSecurityPoliciesRequest
+    #   data as a hash:
+    #
+    #       {
+    #         max_results: 1,
+    #         next_token: "NextToken",
+    #       }
+    #
+    # @!attribute [rw] max_results
+    #   Specifies the number of security policies to return as a response to
+    #   the `ListSecurityPolicies` query.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   When additional results are obtained from the `ListSecurityPolicies`
+    #   command, a `NextToken` parameter is returned in the output. You can
+    #   then pass the `NextToken` parameter in a subsequent command to
+    #   continue listing additional security policies.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListSecurityPoliciesRequest AWS API Documentation
+    #
+    class ListSecurityPoliciesRequest < Struct.new(
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] next_token
+    #   When you can get additional results from the `ListSecurityPolicies`
+    #   operation, a `NextToken` parameter is returned in the output. In a
+    #   following command, you can pass in the `NextToken` parameter to
+    #   continue listing security policies.
+    #   @return [String]
+    #
+    # @!attribute [rw] security_policy_names
+    #   An array of security policies that were listed.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListSecurityPoliciesResponse AWS API Documentation
+    #
+    class ListSecurityPoliciesResponse < Struct.new(
+      :next_token,
+      :security_policy_names)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListServersRequest
     #   data as a hash:
     #
@@ -1006,15 +1146,15 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] max_results
-    #   Specifies the number of file transfer protocol-enabled servers to
-    #   return as a response to the `ListServers` query.
+    #   Specifies the number of servers to return as a response to the
+    #   `ListServers` query.
     #   @return [Integer]
     #
     # @!attribute [rw] next_token
-    #   When additional results are obtained from the`ListServers` command,
+    #   When additional results are obtained from the `ListServers` command,
     #   a `NextToken` parameter is returned in the output. You can then pass
     #   the `NextToken` parameter in a subsequent command to continue
-    #   listing additional file transfer protocol-enabled servers.
+    #   listing additional servers.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListServersRequest AWS API Documentation
@@ -1030,11 +1170,11 @@ module Aws::Transfer
     #   When you can get additional results from the `ListServers`
     #   operation, a `NextToken` parameter is returned in the output. In a
     #   following command, you can pass in the `NextToken` parameter to
-    #   continue listing additional file transfer protocol-enabled servers.
+    #   continue listing additional servers.
     #   @return [String]
     #
     # @!attribute [rw] servers
-    #   An array of file transfer protocol-enabled servers that were listed.
+    #   An array of servers that were listed.
     #   @return [Array<Types::ListedServer>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListServersResponse AWS API Documentation
@@ -1132,8 +1272,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that has users assigned to it.
+    #   A system-assigned unique identifier for a server that has users
+    #   assigned to it.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListUsersRequest AWS API Documentation
@@ -1154,8 +1294,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that the users are assigned to.
+    #   A system-assigned unique identifier for a server that the users are
+    #   assigned to.
     #   @return [String]
     #
     # @!attribute [rw] users
@@ -1177,42 +1317,38 @@ module Aws::Transfer
     # specified.
     #
     # @!attribute [rw] arn
-    #   Specifies the unique Amazon Resource Name (ARN) for a file transfer
-    #   protocol-enabled server to be listed.
+    #   Specifies the unique Amazon Resource Name (ARN) for a server to be
+    #   listed.
     #   @return [String]
     #
     # @!attribute [rw] identity_provider_type
     #   Specifies the authentication method used to validate a user for a
-    #   file transfer protocol-enabled server that was specified. This can
-    #   include Secure Shell (SSH), user name and password combinations, or
-    #   your own custom authentication method. Valid values include
-    #   `SERVICE_MANAGED` or `API_GATEWAY`.
+    #   server that was specified. This can include Secure Shell (SSH), user
+    #   name and password combinations, or your own custom authentication
+    #   method. Valid values include `SERVICE_MANAGED` or `API_GATEWAY`.
     #   @return [String]
     #
     # @!attribute [rw] endpoint_type
-    #   Specifies the type of VPC endpoint that your file transfer
-    #   protocol-enabled server is connected to. If your server is connected
-    #   to a VPC endpoint, your server isn't accessible over the public
-    #   internet.
+    #   Specifies the type of VPC endpoint that your server is connected to.
+    #   If your server is connected to a VPC endpoint, your server isn't
+    #   accessible over the public internet.
     #   @return [String]
     #
     # @!attribute [rw] logging_role
     #   Specifies the AWS Identity and Access Management (IAM) role that
-    #   allows a file transfer protocol-enabled server to turn on Amazon
-    #   CloudWatch logging.
+    #   allows a server to turn on Amazon CloudWatch logging.
     #   @return [String]
     #
     # @!attribute [rw] server_id
-    #   Specifies the unique system assigned identifier for a file transfer
-    #   protocol-enabled servers that were listed.
+    #   Specifies the unique system assigned identifier for the servers that
+    #   were listed.
     #   @return [String]
     #
     # @!attribute [rw] state
-    #   Specifies the condition of a file transfer protocol-enabled server
-    #   for the server that was described. A value of `ONLINE` indicates
-    #   that the server can accept jobs and transfer files. A `State` value
-    #   of `OFFLINE` means that the server cannot perform file transfer
-    #   operations.
+    #   Specifies the condition of a server for the server that was
+    #   described. A value of `ONLINE` indicates that the server can accept
+    #   jobs and transfer files. A `State` value of `OFFLINE` means that the
+    #   server cannot perform file transfer operations.
     #
     #   The states of `STARTING` and `STOPPING` indicate that the server is
     #   in an intermediate state, either not fully able to respond, or not
@@ -1221,8 +1357,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] user_count
-    #   Specifies the number of users that are assigned to a file transfer
-    #   protocol-enabled server you specified with the `ServerId`.
+    #   Specifies the number of users that are assigned to a server you
+    #   specified with the `ServerId`.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedServer AWS API Documentation
@@ -1389,8 +1525,7 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that you start.
+    #   A system-assigned unique identifier for a server that you start.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StartServerRequest AWS API Documentation
@@ -1409,8 +1544,7 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that you stopped.
+    #   A system-assigned unique identifier for a server that you stopped.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StopServerRequest AWS API Documentation
@@ -1499,9 +1633,8 @@ module Aws::Transfer
     #       }
     #
     # @!attribute [rw] server_id
-    #   A system-assigned identifier for a specific file transfer
-    #   protocol-enabled server. That server's user authentication method
-    #   is tested with a user name and password.
+    #   A system-assigned identifier for a specific server. That server's
+    #   user authentication method is tested with a user name and password.
     #   @return [String]
     #
     # @!attribute [rw] server_protocol
@@ -1621,6 +1754,7 @@ module Aws::Transfer
     #           subnet_ids: ["SubnetId"],
     #           vpc_endpoint_id: "VpcEndpointId",
     #           vpc_id: "VpcId",
+    #           security_group_ids: ["SecurityGroupId"],
     #         },
     #         endpoint_type: "PUBLIC", # accepts PUBLIC, VPC, VPC_ENDPOINT
     #         host_key: "HostKey",
@@ -1630,6 +1764,7 @@ module Aws::Transfer
     #         },
     #         logging_role: "NullableRole",
     #         protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
+    #         security_policy_name: "SecurityPolicyName",
     #         server_id: "ServerId", # required
     #       }
     #
@@ -1675,18 +1810,17 @@ module Aws::Transfer
     #
     # @!attribute [rw] endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are
-    #   configured for your file transfer protocol-enabled server. With a
-    #   VPC endpoint, you can restrict access to your server to resources
-    #   only within your VPC. To control incoming internet traffic, you will
-    #   need to associate one or more Elastic IP addresses with your
-    #   server's endpoint.
+    #   configured for your server. With a VPC endpoint, you can restrict
+    #   access to your server to resources only within your VPC. To control
+    #   incoming internet traffic, you will need to associate one or more
+    #   Elastic IP addresses with your server's endpoint.
     #   @return [Types::EndpointDetails]
     #
     # @!attribute [rw] endpoint_type
-    #   The type of endpoint that you want your file transfer
-    #   protocol-enabled server to connect to. You can choose to connect to
-    #   the public internet or a VPC endpoint. With a VPC endpoint, you can
-    #   restrict access to your server and resources only within your VPC.
+    #   The type of endpoint that you want your server to connect to. You
+    #   can choose to connect to the public internet or a VPC endpoint. With
+    #   a VPC endpoint, you can restrict access to your server and resources
+    #   only within your VPC.
     #
     #   <note markdown="1"> It is recommended that you use `VPC` as the `EndpointType`. With
     #   this endpoint type, you have the option to directly associate up to
@@ -1703,9 +1837,8 @@ module Aws::Transfer
     #   my-new-server-key`.
     #
     #   If you aren't planning to migrate existing users from an existing
-    #   file transfer protocol-enabled server to a new server, don't update
-    #   the host key. Accidentally changing a server's host key can be
-    #   disruptive.
+    #   server to a new server, don't update the host key. Accidentally
+    #   changing a server's host key can be disruptive.
     #
     #   For more information, see [Change the host key for your SFTP-enabled
     #   server][1] in the *AWS Transfer Family User Guide*.
@@ -1757,10 +1890,14 @@ module Aws::Transfer
     #    </note>
     #   @return [Array<String>]
     #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy that is attached to the
+    #   server.
+    #   @return [String]
+    #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that the user account is assigned
-    #   to.
+    #   A system-assigned unique identifier for a server instance that the
+    #   user account is assigned to.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateServerRequest AWS API Documentation
@@ -1773,14 +1910,15 @@ module Aws::Transfer
       :identity_provider_details,
       :logging_role,
       :protocols,
+      :security_policy_name,
       :server_id)
       SENSITIVE = [:host_key]
       include Aws::Structure
     end
 
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server that the user account is assigned to.
+    #   A system-assigned unique identifier for a server that the user
+    #   account is assigned to.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateServerResponse AWS API Documentation
@@ -1811,20 +1949,18 @@ module Aws::Transfer
     #
     # @!attribute [rw] home_directory
     #   Specifies the landing directory (folder) for a user when they log in
-    #   to the file transfer protocol-enabled server using their file
-    #   transfer protocol client.
+    #   to the server using their file transfer protocol client.
     #
     #   An example is `your-Amazon-S3-bucket-name>/home/username`.
     #   @return [String]
     #
     # @!attribute [rw] home_directory_type
     #   The type of landing directory (folder) you want your users' home
-    #   directory to be when they log into the file transfer
-    #   protocol-enabled server. If you set it to `PATH`, the user will see
-    #   the absolute Amazon S3 bucket paths as is in their file transfer
-    #   protocol clients. If you set it `LOGICAL`, you will need to provide
-    #   mappings in the `HomeDirectoryMappings` for how you want to make
-    #   Amazon S3 paths visible to your users.
+    #   directory to be when they log into the server. If you set it to
+    #   `PATH`, the user will see the absolute Amazon S3 bucket paths as is
+    #   in their file transfer protocol clients. If you set it `LOGICAL`,
+    #   you will need to provide mappings in the `HomeDirectoryMappings` for
+    #   how you want to make Amazon S3 paths visible to your users.
     #   @return [String]
     #
     # @!attribute [rw] home_directory_mappings
@@ -1848,7 +1984,7 @@ module Aws::Transfer
     #
     #   <note markdown="1"> If the target of a logical directory entry does not exist in Amazon
     #   S3, the entry will be ignored. As a workaround, you can use the
-    #   Amazon S3 api to create 0 byte objects as place holders for your
+    #   Amazon S3 API to create 0 byte objects as place holders for your
     #   directory. If using the CLI, use the `s3api` call instead of `s3` so
     #   you can use the put-object operation. For example, you use the
     #   following: `aws s3api put-object --bucket bucketname --key
@@ -1889,24 +2025,22 @@ module Aws::Transfer
     #   bucket. The policies attached to this role will determine the level
     #   of access you want to provide your users when transferring files
     #   into and out of your Amazon S3 bucket or buckets. The IAM role
-    #   should also contain a trust relationship that allows the file
-    #   transfer protocol-enabled server to access your resources when
-    #   servicing your users' transfer requests.
+    #   should also contain a trust relationship that allows the server to
+    #   access your resources when servicing your users' transfer requests.
     #   @return [String]
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that the user account is assigned
-    #   to.
+    #   A system-assigned unique identifier for a server instance that the
+    #   user account is assigned to.
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   A unique string that identifies a user and is associated with a file
-    #   transfer protocol-enabled server as specified by the `ServerId`.
-    #   This is the string that will be used by your user when they log in
-    #   to your server. This user name is a minimum of 3 and a maximum of 32
-    #   characters long. The following are valid characters: a-z, A-Z, 0-9,
-    #   underscore, and hyphen. The user name can't start with a hyphen.
+    #   A unique string that identifies a user and is associated with a
+    #   server as specified by the `ServerId`. This user name must be a
+    #   minimum of 3 and a maximum of 100 characters long. The following are
+    #   valid characters: a-z, A-Z, 0-9, underscore '\_', hyphen '-',
+    #   period '.', and at sign '@'. The user name can't start with a
+    #   hyphen, period, or at sign.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateUserRequest AWS API Documentation
@@ -1923,19 +2057,17 @@ module Aws::Transfer
       include Aws::Structure
     end
 
-    # `UpdateUserResponse` returns the user name and file transfer
-    # protocol-enabled server identifier for the request to update a user's
-    # properties.
+    # `UpdateUserResponse` returns the user name and identifier for the
+    # request to update a user's properties.
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a file transfer
-    #   protocol-enabled server instance that the user account is assigned
-    #   to.
+    #   A system-assigned unique identifier for a server instance that the
+    #   user account is assigned to.
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   The unique identifier for a user that is assigned to a file transfer
-    #   protocol-enabled server instance that was specified in the request.
+    #   The unique identifier for a user that is assigned to a server
+    #   instance that was specified in the request.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateUserResponse AWS API Documentation