aws-sdk-transfer 1.33.0 → 1.37.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-transfer.rb +1 -1
- data/lib/aws-sdk-transfer/client.rb +263 -240
- data/lib/aws-sdk-transfer/client_api.rb +7 -0
- data/lib/aws-sdk-transfer/types.rb +502 -369
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c3a1a9c48a2dc00a0fba9496de66fe23a05219e05566f55cf25d364323885ecd
|
4
|
+
data.tar.gz: 96fb99b40ad2d8139b73205ff6aaaadae77725e63bd1847a3923c976267085d3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e13418134a55a0e4f5cd32870f1ef072092d3e531b0303dd5d33dec413029867283b7f9d8373c330640f83e25b3103c71799c5d598bf226a20a11a24caca01d9
|
7
|
+
data.tar.gz: 66e3d496bb368ccfd8e5ae231bfb0892176e07237a3c4e3475e1f0d015b67041a6c0a61a050c19f31470c8303a049a84b4e359ed4be9a574b6877120be3cbde4
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,26 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.37.0 (2021-07-30)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
1.36.0 (2021-07-28)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
13
|
+
|
14
|
+
1.35.0 (2021-06-24)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - Customers can successfully use legacy clients with Transfer Family endpoints enabled for FTPS and FTP behind routers, firewalls, and load balancers by providing a Custom IP address used for data channel communication.
|
18
|
+
|
19
|
+
1.34.0 (2021-06-09)
|
20
|
+
------------------
|
21
|
+
|
22
|
+
* Feature - Documentation updates for the AWS Transfer Family service.
|
23
|
+
|
4
24
|
1.33.0 (2021-05-25)
|
5
25
|
------------------
|
6
26
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.37.0
|
data/lib/aws-sdk-transfer.rb
CHANGED
@@ -339,36 +339,37 @@ module Aws::Transfer
|
|
339
339
|
|
340
340
|
# Used by administrators to choose which groups in the directory should
|
341
341
|
# have access to upload and download files over the enabled protocols
|
342
|
-
# using
|
343
|
-
# might contain 50,000 users, but only a small fraction
|
344
|
-
# ability to transfer files to the server. An
|
345
|
-
# `CreateAccess` to limit the access to the
|
346
|
-
# need this ability.
|
342
|
+
# using Amazon Web Services Transfer Family. For example, a Microsoft
|
343
|
+
# Active Directory might contain 50,000 users, but only a small fraction
|
344
|
+
# might need the ability to transfer files to the server. An
|
345
|
+
# administrator can use `CreateAccess` to limit the access to the
|
346
|
+
# correct set of users who need this ability.
|
347
347
|
#
|
348
348
|
# @option params [String] :home_directory
|
349
349
|
# The landing directory (folder) for a user when they log in to the
|
350
350
|
# server using the client.
|
351
351
|
#
|
352
|
-
# A `HomeDirectory` example is `/
|
352
|
+
# A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
|
353
353
|
#
|
354
354
|
# @option params [String] :home_directory_type
|
355
|
-
# The type of landing directory (folder)
|
356
|
-
# directory to be when they log
|
357
|
-
# `PATH`, the user will see the absolute Amazon S3 bucket
|
358
|
-
# their file transfer protocol clients. If you set it
|
359
|
-
#
|
360
|
-
# to make Amazon S3
|
355
|
+
# The type of landing directory (folder) you want your users' home
|
356
|
+
# directory to be when they log into the server. If you set it to
|
357
|
+
# `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
|
358
|
+
# as is in their file transfer protocol clients. If you set it
|
359
|
+
# `LOGICAL`, you will need to provide mappings in the
|
360
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
|
361
|
+
# paths visible to your users.
|
361
362
|
#
|
362
363
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
363
364
|
# Logical directory mappings that specify what Amazon S3 or Amazon EFS
|
364
365
|
# paths and keys should be visible to your user and how you want to make
|
365
366
|
# them visible. You must specify the `Entry` and `Target` pair, where
|
366
367
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
367
|
-
# Amazon S3 or Amazon EFS path. If you only specify a target, it
|
368
|
-
# displayed as is. You also must ensure that your
|
369
|
-
# Access Management (IAM) role provides access to paths in
|
370
|
-
# This value can only be set when `HomeDirectoryType` is set
|
371
|
-
# *LOGICAL*.
|
368
|
+
# Amazon S3 or Amazon EFS path. If you only specify a target, it is
|
369
|
+
# displayed as is. You also must ensure that your Amazon Web Services
|
370
|
+
# Identity and Access Management (IAM) role provides access to paths in
|
371
|
+
# `Target`. This value can only be set when `HomeDirectoryType` is set
|
372
|
+
# to *LOGICAL*.
|
372
373
|
#
|
373
374
|
# The following is an `Entry` and `Target` pair example.
|
374
375
|
#
|
@@ -382,24 +383,19 @@ module Aws::Transfer
|
|
382
383
|
#
|
383
384
|
# The following is an `Entry` and `Target` pair example for `chroot`.
|
384
385
|
#
|
385
|
-
# `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
386
|
+
# `[ \{ "Entry:": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
386
387
|
#
|
387
388
|
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon S3
|
388
|
-
# or
|
389
|
-
#
|
390
|
-
#
|
391
|
-
#
|
392
|
-
#
|
393
|
-
#
|
394
|
-
#
|
395
|
-
#
|
396
|
-
# The end of the key name must end in a `/` for it to be considered a
|
397
|
-
# folder.
|
389
|
+
# or EFS, the entry is ignored. As a workaround, you can use the Amazon
|
390
|
+
# S3 API or EFS API to create 0 byte objects as place holders for your
|
391
|
+
# directory. If using the CLI, use the `s3api` or `efsapi` call instead
|
392
|
+
# of `s3` or `efs` so you can use the put-object operation. For example,
|
393
|
+
# you use the following: `aws s3api put-object --bucket bucketname --key
|
394
|
+
# path/to/folder/`. Make sure that the end of the key name ends in a `/`
|
395
|
+
# for it to be considered a folder.
|
398
396
|
#
|
399
397
|
# </note>
|
400
398
|
#
|
401
|
-
# Required: No
|
402
|
-
#
|
403
399
|
# @option params [String] :policy
|
404
400
|
# A scope-down policy for your user so that you can use the same IAM
|
405
401
|
# role across multiple users. This policy scopes down user access to
|
@@ -408,18 +404,18 @@ module Aws::Transfer
|
|
408
404
|
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
409
405
|
#
|
410
406
|
# <note markdown="1"> This only applies when domain of `ServerId` is S3. Amazon EFS does not
|
411
|
-
# use scope
|
407
|
+
# use scope-down policies.
|
412
408
|
#
|
413
|
-
# For scope-down policies,
|
414
|
-
# JSON blob, instead of the Amazon Resource Name (ARN)
|
415
|
-
# You save the policy as a JSON blob and pass it in the
|
416
|
-
# argument.
|
409
|
+
# For scope-down policies, Amazon Web Services Transfer Family stores
|
410
|
+
# the policy as a JSON blob, instead of the Amazon Resource Name (ARN)
|
411
|
+
# of the policy. You save the policy as a JSON blob and pass it in the
|
412
|
+
# `Policy` argument.
|
417
413
|
#
|
418
414
|
# For an example of a scope-down policy, see [Example scope-down
|
419
415
|
# policy][1].
|
420
416
|
#
|
421
|
-
# For more information, see [AssumeRole][2] in the *
|
422
|
-
# Service API Reference*.
|
417
|
+
# For more information, see [AssumeRole][2] in the *Amazon Web Services
|
418
|
+
# Security Token Service API Reference*.
|
423
419
|
#
|
424
420
|
# </note>
|
425
421
|
#
|
@@ -437,13 +433,13 @@ module Aws::Transfer
|
|
437
433
|
# out of your Amazon EFS file systems.
|
438
434
|
#
|
439
435
|
# @option params [required, String] :role
|
440
|
-
# Specifies the
|
441
|
-
# Amazon S3 bucket or EFS file system. The
|
442
|
-
# role determine the level of access that you
|
443
|
-
# when transferring files into and out of
|
444
|
-
# file system. The IAM role should also
|
445
|
-
# that allows the server to access your
|
446
|
-
# users' transfer requests.
|
436
|
+
# Specifies the Amazon Resource Name (ARN) of the IAM role that controls
|
437
|
+
# your users' access to your Amazon S3 bucket or EFS file system. The
|
438
|
+
# policies attached to this role determine the level of access that you
|
439
|
+
# want to provide your users when transferring files into and out of
|
440
|
+
# your Amazon S3 bucket or EFS file system. The IAM role should also
|
441
|
+
# contain a trust relationship that allows the server to access your
|
442
|
+
# resources when servicing your users' transfer requests.
|
447
443
|
#
|
448
444
|
# @option params [required, String] :server_id
|
449
445
|
# A system-assigned unique identifier for a server instance. This is the
|
@@ -453,12 +449,12 @@ module Aws::Transfer
|
|
453
449
|
# A unique identifier that is required to identify specific groups
|
454
450
|
# within your directory. The users of the group that you associate have
|
455
451
|
# access to your Amazon S3 or Amazon EFS resources over the enabled
|
456
|
-
# protocols using
|
457
|
-
# can view the SID values by running the following
|
458
|
-
# PowerShell.
|
452
|
+
# protocols using Amazon Web Services Transfer Family. If you know the
|
453
|
+
# group name, you can view the SID values by running the following
|
454
|
+
# command using Windows PowerShell.
|
459
455
|
#
|
460
456
|
# `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
|
461
|
-
# -Properties * | Select
|
457
|
+
# -Properties * | Select SamAccountName,ObjectSid`
|
462
458
|
#
|
463
459
|
# In that command, replace *YourGroupName* with the name of your Active
|
464
460
|
# Directory group.
|
@@ -510,25 +506,26 @@ module Aws::Transfer
|
|
510
506
|
end
|
511
507
|
|
512
508
|
# Instantiates an auto-scaling virtual server based on the selected file
|
513
|
-
# transfer protocol in
|
514
|
-
# protocol-enabled server or when you work with
|
515
|
-
# service-generated `ServerId` property that is assigned
|
516
|
-
# created server.
|
509
|
+
# transfer protocol in Amazon Web Services. When you make updates to
|
510
|
+
# your file transfer protocol-enabled server or when you work with
|
511
|
+
# users, use the service-generated `ServerId` property that is assigned
|
512
|
+
# to the newly created server.
|
517
513
|
#
|
518
514
|
# @option params [String] :certificate
|
519
|
-
# The Amazon Resource Name (ARN) of the
|
520
|
-
# certificate. Required when `Protocols` is set to `FTPS`.
|
515
|
+
# The Amazon Resource Name (ARN) of the Amazon Web Services Certificate
|
516
|
+
# Manager (ACM) certificate. Required when `Protocols` is set to `FTPS`.
|
521
517
|
#
|
522
518
|
# To request a new public certificate, see [Request a public
|
523
|
-
# certificate][1] in the <i>
|
519
|
+
# certificate][1] in the <i> Amazon Web Services Certificate Manager
|
520
|
+
# User Guide</i>.
|
524
521
|
#
|
525
522
|
# To import an existing certificate into ACM, see [Importing
|
526
|
-
# certificates into ACM][2] in the <i>
|
527
|
-
# Guide</i>.
|
523
|
+
# certificates into ACM][2] in the <i> Amazon Web Services Certificate
|
524
|
+
# Manager User Guide</i>.
|
528
525
|
#
|
529
526
|
# To request a private certificate to use FTPS through private IP
|
530
|
-
# addresses, see [Request a private certificate][3] in the <i>
|
531
|
-
# Certificate Manager User Guide</i>.
|
527
|
+
# addresses, see [Request a private certificate][3] in the <i> Amazon
|
528
|
+
# Web Services Certificate Manager User Guide</i>.
|
532
529
|
#
|
533
530
|
# Certificates with the following cryptographic algorithms and key sizes
|
534
531
|
# are supported:
|
@@ -580,12 +577,12 @@ module Aws::Transfer
|
|
580
577
|
# choose to make it internet facing by attaching Elastic IP addresses
|
581
578
|
# directly to it.
|
582
579
|
#
|
583
|
-
# <note markdown="1"> After
|
584
|
-
# `EndpointType=VPC_ENDPOINT` in your
|
585
|
-
# hasn't already done so before
|
586
|
-
# created servers with `EndpointType=VPC_ENDPOINT` in your
|
587
|
-
# on or before
|
588
|
-
# date, use `EndpointType`=`VPC`.
|
580
|
+
# <note markdown="1"> After May 19, 2021, you won't be able to create a server using
|
581
|
+
# `EndpointType=VPC_ENDPOINT` in your Amazon Web Services account if
|
582
|
+
# your account hasn't already done so before May 19, 2021. If you have
|
583
|
+
# already created servers with `EndpointType=VPC_ENDPOINT` in your
|
584
|
+
# Amazon Web Services account on or before May 19, 2021, you will not be
|
585
|
+
# affected. After this date, use `EndpointType`=`VPC`.
|
589
586
|
#
|
590
587
|
# For more information, see
|
591
588
|
# https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.
|
@@ -608,7 +605,7 @@ module Aws::Transfer
|
|
608
605
|
# Accidentally changing a server's host key can be disruptive.
|
609
606
|
#
|
610
607
|
# For more information, see [Change the host key for your SFTP-enabled
|
611
|
-
# server][1] in the *
|
608
|
+
# server][1] in the *Amazon Web Services Transfer Family User Guide*.
|
612
609
|
#
|
613
610
|
#
|
614
611
|
#
|
@@ -624,20 +621,24 @@ module Aws::Transfer
|
|
624
621
|
# @option params [String] :identity_provider_type
|
625
622
|
# Specifies the mode of authentication for a server. The default value
|
626
623
|
# is `SERVICE_MANAGED`, which allows you to store and access user
|
627
|
-
# credentials within the
|
628
|
-
#
|
629
|
-
#
|
630
|
-
#
|
631
|
-
#
|
632
|
-
#
|
633
|
-
#
|
634
|
-
#
|
635
|
-
#
|
636
|
-
#
|
624
|
+
# credentials within the Amazon Web Services Transfer Family service.
|
625
|
+
#
|
626
|
+
# Use `AWS_DIRECTORY_SERVICE` to provide access to Active Directory
|
627
|
+
# groups in Amazon Web Services Managed Active Directory or Microsoft
|
628
|
+
# Active Directory in your on-premises environment or in Amazon Web
|
629
|
+
# Services using AD Connectors. This option also requires you to provide
|
630
|
+
# a Directory ID using the `IdentityProviderDetails` parameter.
|
631
|
+
#
|
632
|
+
# Use the `API_GATEWAY` value to integrate with an identity provider of
|
633
|
+
# your choosing. The `API_GATEWAY` setting requires you to provide an
|
634
|
+
# API Gateway endpoint URL to call for authentication using the
|
635
|
+
# `IdentityProviderDetails` parameter.
|
637
636
|
#
|
638
637
|
# @option params [String] :logging_role
|
639
|
-
#
|
640
|
-
#
|
638
|
+
# Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
|
639
|
+
# Identity and Access Management (IAM) role that allows a server to turn
|
640
|
+
# on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When
|
641
|
+
# set, user activity can be viewed in your CloudWatch logs.
|
641
642
|
#
|
642
643
|
# @option params [Array<String>] :protocols
|
643
644
|
# Specifies the file transfer protocol or protocols over which your file
|
@@ -652,9 +653,9 @@ module Aws::Transfer
|
|
652
653
|
#
|
653
654
|
# * `FTP` (File Transfer Protocol): Unencrypted file transfer
|
654
655
|
#
|
655
|
-
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in
|
656
|
-
# Certificate Manager (ACM) which
|
657
|
-
# when clients connect to it over FTPS.
|
656
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in Amazon
|
657
|
+
# Web Services Certificate Manager (ACM) which is used to identify your
|
658
|
+
# server when clients connect to it over FTPS.
|
658
659
|
#
|
659
660
|
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
660
661
|
# must be `VPC` and the `IdentityProviderType` must be
|
@@ -729,9 +730,9 @@ module Aws::Transfer
|
|
729
730
|
# servers that have the `IdentityProviderType` set to `SERVICE_MANAGED`.
|
730
731
|
# Using parameters for `CreateUser`, you can specify the user name, set
|
731
732
|
# the home directory, store the user's public key, and assign the
|
732
|
-
# user's
|
733
|
-
# optionally add a scope-down policy, and assign metadata
|
734
|
-
# can be used to group and search for users.
|
733
|
+
# user's Amazon Web Services Identity and Access Management (IAM) role.
|
734
|
+
# You can also optionally add a scope-down policy, and assign metadata
|
735
|
+
# with tags that can be used to group and search for users.
|
735
736
|
#
|
736
737
|
# @option params [String] :home_directory
|
737
738
|
# The landing directory (folder) for a user when they log in to the
|
@@ -742,20 +743,22 @@ module Aws::Transfer
|
|
742
743
|
# @option params [String] :home_directory_type
|
743
744
|
# The type of landing directory (folder) you want your users' home
|
744
745
|
# directory to be when they log into the server. If you set it to
|
745
|
-
# `PATH`, the user will see the absolute Amazon S3 bucket
|
746
|
-
# their file transfer protocol clients. If you set it
|
747
|
-
# will need to provide mappings in the
|
748
|
-
# you want to make Amazon S3
|
746
|
+
# `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
|
747
|
+
# as is in their file transfer protocol clients. If you set it
|
748
|
+
# `LOGICAL`, you will need to provide mappings in the
|
749
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
|
750
|
+
# paths visible to your users.
|
749
751
|
#
|
750
752
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
751
|
-
# Logical directory mappings that specify what Amazon S3 or EFS
|
752
|
-
# and keys should be visible to your user and how you want to make
|
753
|
-
# visible. You
|
753
|
+
# Logical directory mappings that specify what Amazon S3 or Amazon EFS
|
754
|
+
# paths and keys should be visible to your user and how you want to make
|
755
|
+
# them visible. You must specify the `Entry` and `Target` pair, where
|
754
756
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
755
|
-
# Amazon S3 or EFS path. If you only specify a target, it
|
756
|
-
# displayed as is. You
|
757
|
-
#
|
758
|
-
# `HomeDirectoryType` is set
|
757
|
+
# Amazon S3 or Amazon EFS path. If you only specify a target, it is
|
758
|
+
# displayed as is. You also must ensure that your Amazon Web Services
|
759
|
+
# Identity and Access Management (IAM) role provides access to paths in
|
760
|
+
# `Target`. This value can only be set when `HomeDirectoryType` is set
|
761
|
+
# to *LOGICAL*.
|
759
762
|
#
|
760
763
|
# The following is an `Entry` and `Target` pair example.
|
761
764
|
#
|
@@ -769,39 +772,39 @@ module Aws::Transfer
|
|
769
772
|
#
|
770
773
|
# The following is an `Entry` and `Target` pair example for `chroot`.
|
771
774
|
#
|
772
|
-
# `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
775
|
+
# `[ \{ "Entry:": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
773
776
|
#
|
774
777
|
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon S3
|
775
|
-
# or EFS, the entry
|
776
|
-
#
|
777
|
-
#
|
778
|
-
#
|
779
|
-
#
|
780
|
-
#
|
781
|
-
#
|
778
|
+
# or EFS, the entry is ignored. As a workaround, you can use the Amazon
|
779
|
+
# S3 API or EFS API to create 0 byte objects as place holders for your
|
780
|
+
# directory. If using the CLI, use the `s3api` or `efsapi` call instead
|
781
|
+
# of `s3` or `efs` so you can use the put-object operation. For example,
|
782
|
+
# you use the following: `aws s3api put-object --bucket bucketname --key
|
783
|
+
# path/to/folder/`. Make sure that the end of the key name ends in a `/`
|
784
|
+
# for it to be considered a folder.
|
782
785
|
#
|
783
786
|
# </note>
|
784
787
|
#
|
785
788
|
# @option params [String] :policy
|
786
|
-
# A scope-down policy for your user so you can use the same IAM
|
787
|
-
# across multiple users. This policy scopes down user access to
|
788
|
-
# of their Amazon S3 bucket. Variables that you can use inside
|
789
|
-
# policy include `$\{Transfer:UserName\}`,
|
789
|
+
# A scope-down policy for your user so that you can use the same IAM
|
790
|
+
# role across multiple users. This policy scopes down user access to
|
791
|
+
# portions of their Amazon S3 bucket. Variables that you can use inside
|
792
|
+
# this policy include `$\{Transfer:UserName\}`,
|
790
793
|
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
791
794
|
#
|
792
795
|
# <note markdown="1"> This only applies when domain of ServerId is S3. EFS does not use
|
793
796
|
# scope down policy.
|
794
797
|
#
|
795
|
-
# For scope-down policies,
|
796
|
-
# JSON blob, instead of the Amazon Resource Name (ARN)
|
797
|
-
# You save the policy as a JSON blob and pass it in the
|
798
|
-
# argument.
|
798
|
+
# For scope-down policies, Amazon Web Services Transfer Family stores
|
799
|
+
# the policy as a JSON blob, instead of the Amazon Resource Name (ARN)
|
800
|
+
# of the policy. You save the policy as a JSON blob and pass it in the
|
801
|
+
# `Policy` argument.
|
799
802
|
#
|
800
803
|
# For an example of a scope-down policy, see [Example scope-down
|
801
804
|
# policy][1].
|
802
805
|
#
|
803
|
-
# For more information, see [AssumeRole][2] in the *
|
804
|
-
# Service API Reference*.
|
806
|
+
# For more information, see [AssumeRole][2] in the *Amazon Web Services
|
807
|
+
# Security Token Service API Reference*.
|
805
808
|
#
|
806
809
|
# </note>
|
807
810
|
#
|
@@ -819,13 +822,13 @@ module Aws::Transfer
|
|
819
822
|
# into and out of your Amazon EFS file systems.
|
820
823
|
#
|
821
824
|
# @option params [required, String] :role
|
822
|
-
# Specifies the
|
823
|
-
# Amazon S3 bucket or EFS file system. The
|
824
|
-
# role
|
825
|
-
# when transferring files into and out of
|
826
|
-
# file system. The IAM role should also
|
827
|
-
# that allows the server to access your
|
828
|
-
# users' transfer requests.
|
825
|
+
# Specifies the Amazon Resource Name (ARN) of the IAM role that controls
|
826
|
+
# your users' access to your Amazon S3 bucket or EFS file system. The
|
827
|
+
# policies attached to this role determine the level of access that you
|
828
|
+
# want to provide your users when transferring files into and out of
|
829
|
+
# your Amazon S3 bucket or EFS file system. The IAM role should also
|
830
|
+
# contain a trust relationship that allows the server to access your
|
831
|
+
# resources when servicing your users' transfer requests.
|
829
832
|
#
|
830
833
|
# @option params [required, String] :server_id
|
831
834
|
# A system-assigned unique identifier for a server instance. This is the
|
@@ -906,12 +909,12 @@ module Aws::Transfer
|
|
906
909
|
# A unique identifier that is required to identify specific groups
|
907
910
|
# within your directory. The users of the group that you associate have
|
908
911
|
# access to your Amazon S3 or Amazon EFS resources over the enabled
|
909
|
-
# protocols using
|
910
|
-
# can view the SID values by running the following
|
911
|
-
# PowerShell.
|
912
|
+
# protocols using Amazon Web Services Transfer Family. If you know the
|
913
|
+
# group name, you can view the SID values by running the following
|
914
|
+
# command using Windows PowerShell.
|
912
915
|
#
|
913
916
|
# `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
|
914
|
-
# -Properties * | Select
|
917
|
+
# -Properties * | Select SamAccountName,ObjectSid`
|
915
918
|
#
|
916
919
|
# In that command, replace *YourGroupName* with the name of your Active
|
917
920
|
# Directory group.
|
@@ -1045,14 +1048,14 @@ module Aws::Transfer
|
|
1045
1048
|
#
|
1046
1049
|
# @option params [required, String] :external_id
|
1047
1050
|
# A unique identifier that is required to identify specific groups
|
1048
|
-
# within your directory. The users of the group you associate have
|
1051
|
+
# within your directory. The users of the group that you associate have
|
1049
1052
|
# access to your Amazon S3 or Amazon EFS resources over the enabled
|
1050
|
-
# protocols using
|
1051
|
-
# can view the SID values by running the following
|
1052
|
-
# PowerShell.
|
1053
|
+
# protocols using Amazon Web Services Transfer Family. If you know the
|
1054
|
+
# group name, you can view the SID values by running the following
|
1055
|
+
# command using Windows PowerShell.
|
1053
1056
|
#
|
1054
1057
|
# `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
|
1055
|
-
# -Properties * | Select
|
1058
|
+
# -Properties * | Select SamAccountName,ObjectSid`
|
1056
1059
|
#
|
1057
1060
|
# In that command, replace *YourGroupName* with the name of your Active
|
1058
1061
|
# Directory group.
|
@@ -1168,6 +1171,7 @@ module Aws::Transfer
|
|
1168
1171
|
#
|
1169
1172
|
# resp.server.arn #=> String
|
1170
1173
|
# resp.server.certificate #=> String
|
1174
|
+
# resp.server.protocol_details.passive_ip #=> String
|
1171
1175
|
# resp.server.domain #=> String, one of "S3", "EFS"
|
1172
1176
|
# resp.server.endpoint_details.address_allocation_ids #=> Array
|
1173
1177
|
# resp.server.endpoint_details.address_allocation_ids[0] #=> String
|
@@ -1215,8 +1219,8 @@ module Aws::Transfer
|
|
1215
1219
|
#
|
1216
1220
|
# @option params [required, String] :user_name
|
1217
1221
|
# The name of the user assigned to one or more servers. User names are
|
1218
|
-
# part of the sign-in credentials to use the
|
1219
|
-
# and perform file transfer tasks.
|
1222
|
+
# part of the sign-in credentials to use the Amazon Web Services
|
1223
|
+
# Transfer Family service and perform file transfer tasks.
|
1220
1224
|
#
|
1221
1225
|
# @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1222
1226
|
#
|
@@ -1401,7 +1405,7 @@ module Aws::Transfer
|
|
1401
1405
|
end
|
1402
1406
|
|
1403
1407
|
# Lists the file transfer protocol-enabled servers that are associated
|
1404
|
-
# with your
|
1408
|
+
# with your Amazon Web Services account.
|
1405
1409
|
#
|
1406
1410
|
# @option params [Integer] :max_results
|
1407
1411
|
# Specifies the number of servers to return as a response to the
|
@@ -1454,8 +1458,8 @@ module Aws::Transfer
|
|
1454
1458
|
#
|
1455
1459
|
# @option params [required, String] :arn
|
1456
1460
|
# Requests the tags associated with a particular Amazon Resource Name
|
1457
|
-
# (ARN). An ARN is an identifier for a specific
|
1458
|
-
# server, user, or role.
|
1461
|
+
# (ARN). An ARN is an identifier for a specific Amazon Web Services
|
1462
|
+
# resource, such as a server, user, or role.
|
1459
1463
|
#
|
1460
1464
|
# @option params [Integer] :max_results
|
1461
1465
|
# Specifies the number of tags to return as a response to the
|
@@ -1629,8 +1633,8 @@ module Aws::Transfer
|
|
1629
1633
|
# There is no response returned from this call.
|
1630
1634
|
#
|
1631
1635
|
# @option params [required, String] :arn
|
1632
|
-
# An Amazon Resource Name (ARN) for a specific
|
1633
|
-
# server, user, or role.
|
1636
|
+
# An Amazon Resource Name (ARN) for a specific Amazon Web Services
|
1637
|
+
# resource, such as a server, user, or role.
|
1634
1638
|
#
|
1635
1639
|
# @option params [required, Array<Types::Tag>] :tags
|
1636
1640
|
# Key-value pairs assigned to ARNs that you can use to group and search
|
@@ -1733,8 +1737,8 @@ module Aws::Transfer
|
|
1733
1737
|
#
|
1734
1738
|
# @option params [required, String] :arn
|
1735
1739
|
# The value of the resource that will have the tag removed. An Amazon
|
1736
|
-
# Resource Name (ARN) is an identifier for a specific
|
1737
|
-
# as a server, user, or role.
|
1740
|
+
# Resource Name (ARN) is an identifier for a specific Amazon Web
|
1741
|
+
# Services resource, such as a server, user, or role.
|
1738
1742
|
#
|
1739
1743
|
# @option params [required, Array<String>] :tag_keys
|
1740
1744
|
# TagKeys are key-value pairs assigned to ARNs that can be used to group
|
@@ -1766,26 +1770,27 @@ module Aws::Transfer
|
|
1766
1770
|
# The landing directory (folder) for a user when they log in to the
|
1767
1771
|
# server using the client.
|
1768
1772
|
#
|
1769
|
-
# A `HomeDirectory` example is `/
|
1773
|
+
# A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
|
1770
1774
|
#
|
1771
1775
|
# @option params [String] :home_directory_type
|
1772
|
-
# The type of landing directory (folder)
|
1773
|
-
# directory to be when they log
|
1774
|
-
# `PATH`, the user will see the absolute Amazon S3 bucket
|
1775
|
-
# their file transfer protocol clients. If you set it
|
1776
|
-
#
|
1777
|
-
# to make Amazon S3
|
1776
|
+
# The type of landing directory (folder) you want your users' home
|
1777
|
+
# directory to be when they log into the server. If you set it to
|
1778
|
+
# `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
|
1779
|
+
# as is in their file transfer protocol clients. If you set it
|
1780
|
+
# `LOGICAL`, you will need to provide mappings in the
|
1781
|
+
# `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
|
1782
|
+
# paths visible to your users.
|
1778
1783
|
#
|
1779
1784
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
1780
1785
|
# Logical directory mappings that specify what Amazon S3 or Amazon EFS
|
1781
1786
|
# paths and keys should be visible to your user and how you want to make
|
1782
1787
|
# them visible. You must specify the `Entry` and `Target` pair, where
|
1783
1788
|
# `Entry` shows how the path is made visible and `Target` is the actual
|
1784
|
-
# Amazon S3 or Amazon EFS path. If you only specify a target, it
|
1785
|
-
# displayed as is. You also must ensure that your
|
1786
|
-
# Access Management (IAM) role provides access to paths in
|
1787
|
-
# This value can only be set when `HomeDirectoryType` is set
|
1788
|
-
# *LOGICAL*.
|
1789
|
+
# Amazon S3 or Amazon EFS path. If you only specify a target, it is
|
1790
|
+
# displayed as is. You also must ensure that your Amazon Web Services
|
1791
|
+
# Identity and Access Management (IAM) role provides access to paths in
|
1792
|
+
# `Target`. This value can only be set when `HomeDirectoryType` is set
|
1793
|
+
# to *LOGICAL*.
|
1789
1794
|
#
|
1790
1795
|
# The following is an `Entry` and `Target` pair example.
|
1791
1796
|
#
|
@@ -1799,24 +1804,19 @@ module Aws::Transfer
|
|
1799
1804
|
#
|
1800
1805
|
# The following is an `Entry` and `Target` pair example for `chroot`.
|
1801
1806
|
#
|
1802
|
-
# `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
1807
|
+
# `[ \{ "Entry:": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
1803
1808
|
#
|
1804
1809
|
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon S3
|
1805
|
-
# or
|
1806
|
-
#
|
1807
|
-
#
|
1808
|
-
#
|
1809
|
-
#
|
1810
|
-
#
|
1811
|
-
#
|
1812
|
-
#
|
1813
|
-
# The end of the key name must end in a `/` for it to be considered a
|
1814
|
-
# folder.
|
1810
|
+
# or EFS, the entry is ignored. As a workaround, you can use the Amazon
|
1811
|
+
# S3 API or EFS API to create 0 byte objects as place holders for your
|
1812
|
+
# directory. If using the CLI, use the `s3api` or `efsapi` call instead
|
1813
|
+
# of `s3` or `efs` so you can use the put-object operation. For example,
|
1814
|
+
# you use the following: `aws s3api put-object --bucket bucketname --key
|
1815
|
+
# path/to/folder/`. Make sure that the end of the key name ends in a `/`
|
1816
|
+
# for it to be considered a folder.
|
1815
1817
|
#
|
1816
1818
|
# </note>
|
1817
1819
|
#
|
1818
|
-
# Required: No
|
1819
|
-
#
|
1820
1820
|
# @option params [String] :policy
|
1821
1821
|
# A scope-down policy for your user so that you can use the same IAM
|
1822
1822
|
# role across multiple users. This policy scopes down user access to
|
@@ -1827,16 +1827,16 @@ module Aws::Transfer
|
|
1827
1827
|
# <note markdown="1"> This only applies when domain of `ServerId` is S3. Amazon EFS does not
|
1828
1828
|
# use scope down policy.
|
1829
1829
|
#
|
1830
|
-
# For scope-down policies,
|
1831
|
-
# JSON blob, instead of the Amazon Resource Name (ARN) of
|
1832
|
-
# You save the policy as a JSON blob and pass it in the
|
1833
|
-
# argument.
|
1830
|
+
# For scope-down policies, Amazon Web ServicesTransfer Family stores the
|
1831
|
+
# policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
|
1832
|
+
# the policy. You save the policy as a JSON blob and pass it in the
|
1833
|
+
# `Policy` argument.
|
1834
1834
|
#
|
1835
1835
|
# For an example of a scope-down policy, see [Example scope-down
|
1836
1836
|
# policy][1].
|
1837
1837
|
#
|
1838
|
-
# For more information, see [AssumeRole][2] in the *
|
1839
|
-
# Service API Reference*.
|
1838
|
+
# For more information, see [AssumeRole][2] in the *Amazon Web
|
1839
|
+
# ServicesSecurity Token Service API Reference*.
|
1840
1840
|
#
|
1841
1841
|
# </note>
|
1842
1842
|
#
|
@@ -1854,13 +1854,13 @@ module Aws::Transfer
|
|
1854
1854
|
# out of your Amazon EFS file systems.
|
1855
1855
|
#
|
1856
1856
|
# @option params [String] :role
|
1857
|
-
# Specifies the
|
1858
|
-
# Amazon S3 bucket or EFS file system. The
|
1859
|
-
# role determine the level of access that you
|
1860
|
-
# when transferring files into and out of
|
1861
|
-
# file system. The IAM role should also
|
1862
|
-
# that allows the server to access your
|
1863
|
-
# users' transfer requests.
|
1857
|
+
# Specifies the Amazon Resource Name (ARN) of the IAM role that controls
|
1858
|
+
# your users' access to your Amazon S3 bucket or EFS file system. The
|
1859
|
+
# policies attached to this role determine the level of access that you
|
1860
|
+
# want to provide your users when transferring files into and out of
|
1861
|
+
# your Amazon S3 bucket or EFS file system. The IAM role should also
|
1862
|
+
# contain a trust relationship that allows the server to access your
|
1863
|
+
# resources when servicing your users' transfer requests.
|
1864
1864
|
#
|
1865
1865
|
# @option params [required, String] :server_id
|
1866
1866
|
# A system-assigned unique identifier for a server instance. This is the
|
@@ -1870,12 +1870,12 @@ module Aws::Transfer
|
|
1870
1870
|
# A unique identifier that is required to identify specific groups
|
1871
1871
|
# within your directory. The users of the group that you associate have
|
1872
1872
|
# access to your Amazon S3 or Amazon EFS resources over the enabled
|
1873
|
-
# protocols using
|
1874
|
-
# can view the SID values by running the following
|
1875
|
-
# PowerShell.
|
1873
|
+
# protocols using Amazon Web Services Transfer Family. If you know the
|
1874
|
+
# group name, you can view the SID values by running the following
|
1875
|
+
# command using Windows PowerShell.
|
1876
1876
|
#
|
1877
1877
|
# `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
|
1878
|
-
# -Properties * | Select
|
1878
|
+
# -Properties * | Select SamAccountName,ObjectSid`
|
1879
1879
|
#
|
1880
1880
|
# In that command, replace *YourGroupName* with the name of your Active
|
1881
1881
|
# Directory group.
|
@@ -1933,19 +1933,20 @@ module Aws::Transfer
|
|
1933
1933
|
# updated.
|
1934
1934
|
#
|
1935
1935
|
# @option params [String] :certificate
|
1936
|
-
# The Amazon Resource Name (ARN) of the
|
1937
|
-
# certificate. Required when `Protocols` is set to `FTPS`.
|
1936
|
+
# The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate
|
1937
|
+
# Manager (ACM) certificate. Required when `Protocols` is set to `FTPS`.
|
1938
1938
|
#
|
1939
1939
|
# To request a new public certificate, see [Request a public
|
1940
|
-
# certificate][1] in the <i>
|
1940
|
+
# certificate][1] in the <i> Amazon Web ServicesCertificate Manager User
|
1941
|
+
# Guide</i>.
|
1941
1942
|
#
|
1942
1943
|
# To import an existing certificate into ACM, see [Importing
|
1943
|
-
# certificates into ACM][2] in the <i>
|
1944
|
-
# Guide</i>.
|
1944
|
+
# certificates into ACM][2] in the <i> Amazon Web ServicesCertificate
|
1945
|
+
# Manager User Guide</i>.
|
1945
1946
|
#
|
1946
1947
|
# To request a private certificate to use FTPS through private IP
|
1947
|
-
# addresses, see [Request a private certificate][3] in the <i>
|
1948
|
-
#
|
1948
|
+
# addresses, see [Request a private certificate][3] in the <i> Amazon
|
1949
|
+
# Web ServicesCertificate Manager User Guide</i>.
|
1949
1950
|
#
|
1950
1951
|
# Certificates with the following cryptographic algorithms and key sizes
|
1951
1952
|
# are supported:
|
@@ -1971,12 +1972,20 @@ module Aws::Transfer
|
|
1971
1972
|
# [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
|
1972
1973
|
# [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html
|
1973
1974
|
#
|
1975
|
+
# @option params [Types::ProtocolDetails] :protocol_details
|
1976
|
+
# The protocol settings that are configured for your server.
|
1977
|
+
#
|
1978
|
+
# Use the `PassiveIp` parameter to indicate passive mode (for FTP and
|
1979
|
+
# FTPS protocols). Enter a single dotted-quad IPv4 address, such as the
|
1980
|
+
# external IP address of a firewall, router, or load balancer.
|
1981
|
+
#
|
1974
1982
|
# @option params [Types::EndpointDetails] :endpoint_details
|
1975
1983
|
# The virtual private cloud (VPC) endpoint settings that are configured
|
1976
|
-
# for your server.
|
1977
|
-
#
|
1978
|
-
#
|
1979
|
-
#
|
1984
|
+
# for your server. When you host your endpoint within your VPC, you can
|
1985
|
+
# make it accessible only to resources within your VPC, or you can
|
1986
|
+
# attach Elastic IP addresses and make it accessible to clients over the
|
1987
|
+
# internet. Your VPC's default security groups are automatically
|
1988
|
+
# assigned to your endpoint.
|
1980
1989
|
#
|
1981
1990
|
# @option params [String] :endpoint_type
|
1982
1991
|
# The type of endpoint that you want your server to use. You can choose
|
@@ -1986,12 +1995,12 @@ module Aws::Transfer
|
|
1986
1995
|
# choose to make it internet facing by attaching Elastic IP addresses
|
1987
1996
|
# directly to it.
|
1988
1997
|
#
|
1989
|
-
# <note markdown="1"> After
|
1990
|
-
# `EndpointType=VPC_ENDPOINT` in your
|
1991
|
-
# hasn't already done so before
|
1992
|
-
# created servers with `EndpointType=VPC_ENDPOINT` in your
|
1993
|
-
# on or before
|
1994
|
-
# date, use `EndpointType`=`VPC`.
|
1998
|
+
# <note markdown="1"> After May 19, 2021, you won't be able to create a server using
|
1999
|
+
# `EndpointType=VPC_ENDPOINT` in your Amazon Web Servicesaccount if your
|
2000
|
+
# account hasn't already done so before May 19, 2021. If you have
|
2001
|
+
# already created servers with `EndpointType=VPC_ENDPOINT` in your
|
2002
|
+
# Amazon Web Servicesaccount on or before May 19, 2021, you will not be
|
2003
|
+
# affected. After this date, use `EndpointType`=`VPC`.
|
1995
2004
|
#
|
1996
2005
|
# For more information, see
|
1997
2006
|
# https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.
|
@@ -2014,7 +2023,7 @@ module Aws::Transfer
|
|
2014
2023
|
# changing a server's host key can be disruptive.
|
2015
2024
|
#
|
2016
2025
|
# For more information, see [Change the host key for your SFTP-enabled
|
2017
|
-
# server][1] in the *
|
2026
|
+
# server][1] in the *Amazon Web ServicesTransfer Family User Guide*.
|
2018
2027
|
#
|
2019
2028
|
#
|
2020
2029
|
#
|
@@ -2025,9 +2034,10 @@ module Aws::Transfer
|
|
2025
2034
|
# customer's authentication API method.
|
2026
2035
|
#
|
2027
2036
|
# @option params [String] :logging_role
|
2028
|
-
#
|
2029
|
-
#
|
2030
|
-
#
|
2037
|
+
# Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
|
2038
|
+
# Identity and Access Management (IAM) role that allows a server to turn
|
2039
|
+
# on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When
|
2040
|
+
# set, user activity can be viewed in your CloudWatch logs.
|
2031
2041
|
#
|
2032
2042
|
# @option params [Array<String>] :protocols
|
2033
2043
|
# Specifies the file transfer protocol or protocols over which your file
|
@@ -2042,9 +2052,9 @@ module Aws::Transfer
|
|
2042
2052
|
#
|
2043
2053
|
# * File Transfer Protocol (FTP): Unencrypted file transfer
|
2044
2054
|
#
|
2045
|
-
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in
|
2046
|
-
#
|
2047
|
-
# when clients connect to it over FTPS.
|
2055
|
+
# <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in Amazon
|
2056
|
+
# Web ServicesCertificate Manager (ACM) which will be used to identify
|
2057
|
+
# your server when clients connect to it over FTPS.
|
2048
2058
|
#
|
2049
2059
|
# If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
|
2050
2060
|
# must be `VPC` and the `IdentityProviderType` must be
|
@@ -2075,6 +2085,9 @@ module Aws::Transfer
|
|
2075
2085
|
#
|
2076
2086
|
# resp = client.update_server({
|
2077
2087
|
# certificate: "Certificate",
|
2088
|
+
# protocol_details: {
|
2089
|
+
# passive_ip: "PassiveIp",
|
2090
|
+
# },
|
2078
2091
|
# endpoint_details: {
|
2079
2092
|
# address_allocation_ids: ["AddressAllocationId"],
|
2080
2093
|
# subnet_ids: ["SubnetId"],
|
@@ -2116,10 +2129,10 @@ module Aws::Transfer
|
|
2116
2129
|
# user.
|
2117
2130
|
#
|
2118
2131
|
# @option params [String] :home_directory
|
2119
|
-
#
|
2120
|
-
#
|
2132
|
+
# The landing directory (folder) for a user when they log in to the
|
2133
|
+
# server using the client.
|
2121
2134
|
#
|
2122
|
-
#
|
2135
|
+
# A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
|
2123
2136
|
#
|
2124
2137
|
# @option params [String] :home_directory_type
|
2125
2138
|
# The type of landing directory (folder) you want your users' home
|
@@ -2133,50 +2146,59 @@ module Aws::Transfer
|
|
2133
2146
|
# @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
|
2134
2147
|
# Logical directory mappings that specify what Amazon S3 or Amazon EFS
|
2135
2148
|
# paths and keys should be visible to your user and how you want to make
|
2136
|
-
# them visible. You
|
2137
|
-
#
|
2138
|
-
#
|
2139
|
-
#
|
2140
|
-
#
|
2141
|
-
#
|
2149
|
+
# them visible. You must specify the `Entry` and `Target` pair, where
|
2150
|
+
# `Entry` shows how the path is made visible and `Target` is the actual
|
2151
|
+
# Amazon S3 or Amazon EFS path. If you only specify a target, it is
|
2152
|
+
# displayed as is. You also must ensure that your Amazon Web Services
|
2153
|
+
# Identity and Access Management (IAM) role provides access to paths in
|
2154
|
+
# `Target`. This value can only be set when `HomeDirectoryType` is set
|
2155
|
+
# to *LOGICAL*.
|
2156
|
+
#
|
2157
|
+
# The following is an `Entry` and `Target` pair example.
|
2142
2158
|
#
|
2143
|
-
# `
|
2144
|
-
# "
|
2145
|
-
# ]'`
|
2159
|
+
# `[ \{ "Entry": "your-personal-report.pdf", "Target":
|
2160
|
+
# "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \} ]`
|
2146
2161
|
#
|
2147
2162
|
# In most cases, you can use this value instead of the scope-down policy
|
2148
2163
|
# to lock down your user to the designated home directory
|
2149
2164
|
# ("`chroot`"). To do this, you can set `Entry` to '/' and set
|
2150
2165
|
# `Target` to the HomeDirectory parameter value.
|
2151
2166
|
#
|
2167
|
+
# The following is an `Entry` and `Target` pair example for `chroot`.
|
2168
|
+
#
|
2169
|
+
# `[ \{ "Entry:": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
|
2170
|
+
#
|
2152
2171
|
# <note markdown="1"> If the target of a logical directory entry does not exist in Amazon S3
|
2153
|
-
# or EFS, the entry
|
2154
|
-
#
|
2155
|
-
#
|
2156
|
-
#
|
2157
|
-
#
|
2158
|
-
#
|
2159
|
-
#
|
2172
|
+
# or EFS, the entry is ignored. As a workaround, you can use the Amazon
|
2173
|
+
# S3 API or EFS API to create 0 byte objects as place holders for your
|
2174
|
+
# directory. If using the CLI, use the `s3api` or `efsapi` call instead
|
2175
|
+
# of `s3` or `efs` so you can use the put-object operation. For example,
|
2176
|
+
# you use the following: `aws s3api put-object --bucket bucketname --key
|
2177
|
+
# path/to/folder/`. Make sure that the end of the key name ends in a `/`
|
2178
|
+
# for it to be considered a folder.
|
2160
2179
|
#
|
2161
2180
|
# </note>
|
2162
2181
|
#
|
2163
2182
|
# @option params [String] :policy
|
2164
|
-
#
|
2165
|
-
#
|
2166
|
-
#
|
2167
|
-
#
|
2183
|
+
# A scope-down policy for your user so that you can use the same IAM
|
2184
|
+
# role across multiple users. This policy scopes down user access to
|
2185
|
+
# portions of their Amazon S3 bucket. Variables that you can use inside
|
2186
|
+
# this policy include `$\{Transfer:UserName\}`,
|
2168
2187
|
# `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
|
2169
2188
|
#
|
2170
|
-
# <note markdown="1">
|
2171
|
-
#
|
2172
|
-
#
|
2173
|
-
#
|
2189
|
+
# <note markdown="1"> This only applies when domain of `ServerId` is S3. Amazon EFS does not
|
2190
|
+
# use scope-down policies.
|
2191
|
+
#
|
2192
|
+
# For scope-down policies, Amazon Web ServicesTransfer Family stores the
|
2193
|
+
# policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
|
2194
|
+
# the policy. You save the policy as a JSON blob and pass it in the
|
2195
|
+
# `Policy` argument.
|
2174
2196
|
#
|
2175
2197
|
# For an example of a scope-down policy, see [Creating a scope-down
|
2176
2198
|
# policy][1].
|
2177
2199
|
#
|
2178
|
-
# For more information, see [AssumeRole][2] in the *
|
2179
|
-
# Service API Reference*.
|
2200
|
+
# For more information, see [AssumeRole][2] in the *Amazon Web Services
|
2201
|
+
# Security Token Service API Reference*.
|
2180
2202
|
#
|
2181
2203
|
# </note>
|
2182
2204
|
#
|
@@ -2194,12 +2216,13 @@ module Aws::Transfer
|
|
2194
2216
|
# transferring files into and out of your Amazon EFS file systems.
|
2195
2217
|
#
|
2196
2218
|
# @option params [String] :role
|
2197
|
-
#
|
2198
|
-
#
|
2199
|
-
#
|
2200
|
-
#
|
2201
|
-
#
|
2202
|
-
#
|
2219
|
+
# Specifies the Amazon Resource Name (ARN) of the IAM role that controls
|
2220
|
+
# your users' access to your Amazon S3 bucket or EFS file system. The
|
2221
|
+
# policies attached to this role determine the level of access that you
|
2222
|
+
# want to provide your users when transferring files into and out of
|
2223
|
+
# your Amazon S3 bucket or EFS file system. The IAM role should also
|
2224
|
+
# contain a trust relationship that allows the server to access your
|
2225
|
+
# resources when servicing your users' transfer requests.
|
2203
2226
|
#
|
2204
2227
|
# @option params [required, String] :server_id
|
2205
2228
|
# A system-assigned unique identifier for a server instance that the
|
@@ -2267,7 +2290,7 @@ module Aws::Transfer
|
|
2267
2290
|
params: params,
|
2268
2291
|
config: config)
|
2269
2292
|
context[:gem_name] = 'aws-sdk-transfer'
|
2270
|
-
context[:gem_version] = '1.
|
2293
|
+
context[:gem_version] = '1.37.0'
|
2271
2294
|
Seahorse::Client::Request.new(handlers, context)
|
2272
2295
|
end
|
2273
2296
|
|