RubyGems - aws-sdk-transfer - Versions diffs - 1.38.0 → 1.39.0 - Mend

aws-sdk-transfer 1.38.0 → 1.39.0

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-transfer/client.rb +561 -82
data/lib/aws-sdk-transfer/client_api.rb +347 -0
data/lib/aws-sdk-transfer/types.rb +1355 -113
data/lib/aws-sdk-transfer.rb +1 -1
metadata +2 -2

data/lib/aws-sdk-transfer/types.rb CHANGED Viewed

@@ -23,7 +23,7 @@ module Aws::Transfer
       include Aws::Structure
     end
-    # This exception is thrown when the `UpdatServer` is called for a file
+    # This exception is thrown when the `UpdateServer` is called for a file
     # transfer protocol-enabled server that has VPC as the endpoint type and
     # the server's `VpcEndpointID` is not in the available state.
     #
@@ -38,6 +38,50 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Each step type has its own `StepDetails` structure.
+    #
+    # @note When making an API call, you may pass CopyStepDetails
+    #   data as a hash:
+    #
+    #       {
+    #         name: "WorkflowStepName",
+    #         destination_file_location: {
+    #           s3_file_location: {
+    #             bucket: "S3Bucket",
+    #             key: "S3Key",
+    #           },
+    #           efs_file_location: {
+    #             file_system_id: "EfsFileSystemId",
+    #             path: "EfsPath",
+    #           },
+    #         },
+    #         overwrite_existing: "TRUE", # accepts TRUE, FALSE
+    #       }
+    #
+    # @!attribute [rw] name
+    #   The name of the step, used as an identifier.
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_file_location
+    #   Specifies the location for the file being copied. Only applicable
+    #   for the Copy type of workflow steps.
+    #   @return [Types::InputFileLocation]
+    #
+    # @!attribute [rw] overwrite_existing
+    #   A flag that indicates whether or not to overwrite an existing file
+    #   of the same name. The default is `FALSE`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CopyStepDetails AWS API Documentation
+    #
+    class CopyStepDetails < Struct.new(
+      :name,
+      :destination_file_location,
+      :overwrite_existing)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass CreateAccessRequest
     #   data as a hash:
     #
@@ -73,7 +117,7 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
@@ -94,8 +138,8 @@ module Aws::Transfer
     #   `[ \{ "Entry": "your-personal-report.pdf", "Target":
     #   "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \} ]`
     #
-    #   In most cases, you can use this value instead of the scope-down
-    #   policy to lock down your user to the designated home directory
+    #   In most cases, you can use this value instead of the session policy
+    #   to lock down your user to the designated home directory
     #   ("`chroot`"). To do this, you can set `Entry` to `/` and set
     #   `Target` to the `HomeDirectory` parameter value.
     #
@@ -116,22 +160,21 @@ module Aws::Transfer
     #   @return [Array<Types::HomeDirectoryMapEntry>]
     #
     # @!attribute [rw] policy
-    #   A scope-down policy for your user so that you can use the same IAM
-    #   role across multiple users. This policy scopes down user access to
+    #   A session policy for your user so that you can use the same IAM role
+    #   across multiple users. This policy scopes down user access to
     #   portions of their Amazon S3 bucket. Variables that you can use
     #   inside this policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
     #
-    #   <note markdown="1"> This only applies when domain of `ServerId` is S3. Amazon EFS does
-    #   not use scope-down policies.
+    #   <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
+    #   use session policies.
     #
-    #    For scope-down policies, Amazon Web Services Transfer Family stores
-    #   the policy as a JSON blob, instead of the Amazon Resource Name (ARN)
-    #   of the policy. You save the policy as a JSON blob and pass it in the
+    #    For session policies, Amazon Web Services Transfer Family stores the
+    #   policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
+    #   the policy. You save the policy as a JSON blob and pass it in the
     #   `Policy` argument.
     #
-    #    For an example of a scope-down policy, see [Example scope-down
-    #   policy][1].
+    #    For an example of a session policy, see [Example session policy][1].
     #
     #    For more information, see [AssumeRole][2] in the *Amazon Web
     #   Services Security Token Service API Reference*.
@@ -140,7 +183,7 @@ module Aws::Transfer
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/scope-down-policy.html
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html
     #   [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
     #   @return [String]
     #
@@ -253,6 +296,14 @@ module Aws::Transfer
     #             value: "TagValue", # required
     #           },
     #         ],
+    #         workflow_details: {
+    #           on_upload: [ # required
+    #             {
+    #               workflow_id: "WorkflowId", # required
+    #               execution_role: "Role", # required
+    #             },
+    #           ],
+    #         },
     #       }
     #
     # @!attribute [rw] certificate
@@ -436,6 +487,11 @@ module Aws::Transfer
     #   Key-value pairs that can be used to group and search for servers.
     #   @return [Array<Types::Tag>]
     #
+    # @!attribute [rw] workflow_details
+    #   Specifies the workflow ID for the workflow to assign and the
+    #   execution role used for executing the workflow.
+    #   @return [Types::WorkflowDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateServerRequest AWS API Documentation
     #
     class CreateServerRequest < Struct.new(
@@ -449,7 +505,8 @@ module Aws::Transfer
       :logging_role,
       :protocols,
       :security_policy_name,
-      :tags)
+      :tags,
+      :workflow_details)
       SENSITIVE = [:host_key]
       include Aws::Structure
     end
@@ -508,7 +565,7 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
@@ -529,8 +586,8 @@ module Aws::Transfer
     #   `[ \{ "Entry": "your-personal-report.pdf", "Target":
     #   "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \} ]`
     #
-    #   In most cases, you can use this value instead of the scope-down
-    #   policy to lock your user down to the designated home directory
+    #   In most cases, you can use this value instead of the session policy
+    #   to lock your user down to the designated home directory
     #   ("`chroot`"). To do this, you can set `Entry` to `/` and set
     #   `Target` to the HomeDirectory parameter value.
     #
@@ -551,22 +608,21 @@ module Aws::Transfer
     #   @return [Array<Types::HomeDirectoryMapEntry>]
     #
     # @!attribute [rw] policy
-    #   A scope-down policy for your user so that you can use the same IAM
-    #   role across multiple users. This policy scopes down user access to
+    #   A session policy for your user so that you can use the same IAM role
+    #   across multiple users. This policy scopes down user access to
     #   portions of their Amazon S3 bucket. Variables that you can use
     #   inside this policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
     #
-    #   <note markdown="1"> This only applies when domain of ServerId is S3. EFS does not use
-    #   scope down policy.
+    #   <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
+    #   use session policies.
     #
-    #    For scope-down policies, Amazon Web Services Transfer Family stores
-    #   the policy as a JSON blob, instead of the Amazon Resource Name (ARN)
-    #   of the policy. You save the policy as a JSON blob and pass it in the
+    #    For session policies, Amazon Web Services Transfer Family stores the
+    #   policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
+    #   the policy. You save the policy as a JSON blob and pass it in the
     #   `Policy` argument.
     #
-    #    For an example of a scope-down policy, see [Example scope-down
-    #   policy][1].
+    #    For an example of a session policy, see [Example session policy][1].
     #
     #    For more information, see [AssumeRole][2] in the *Amazon Web
     #   Services Security Token Service API Reference*.
@@ -575,7 +631,7 @@ module Aws::Transfer
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/scope-down-policy.html
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html
     #   [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
     #   @return [String]
     #
@@ -615,12 +671,11 @@ module Aws::Transfer
     #   @return [Array<Types::Tag>]
     #
     # @!attribute [rw] user_name
-    #   A unique string that identifies a user and is associated with a as
-    #   specified by the `ServerId`. This user name must be a minimum of 3
-    #   and a maximum of 100 characters long. The following are valid
-    #   characters: a-z, A-Z, 0-9, underscore '\_', hyphen '-', period
-    #   '.', and at sign '@'. The user name can't start with a hyphen,
-    #   period, or at sign.
+    #   A unique string that identifies a user and is associated with a
+    #   `ServerId`. This user name must be a minimum of 3 and a maximum of
+    #   100 characters long. The following are valid characters: a-z, A-Z,
+    #   0-9, underscore '\_', hyphen '-', period '.', and at sign
+    #   '@'. The user name can't start with a hyphen, period, or at sign.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateUserRequest AWS API Documentation
@@ -658,6 +713,180 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # @note When making an API call, you may pass CreateWorkflowRequest
+    #   data as a hash:
+    #
+    #       {
+    #         description: "WorkflowDescription",
+    #         steps: [ # required
+    #           {
+    #             type: "COPY", # accepts COPY, CUSTOM, TAG, DELETE
+    #             copy_step_details: {
+    #               name: "WorkflowStepName",
+    #               destination_file_location: {
+    #                 s3_file_location: {
+    #                   bucket: "S3Bucket",
+    #                   key: "S3Key",
+    #                 },
+    #                 efs_file_location: {
+    #                   file_system_id: "EfsFileSystemId",
+    #                   path: "EfsPath",
+    #                 },
+    #               },
+    #               overwrite_existing: "TRUE", # accepts TRUE, FALSE
+    #             },
+    #             custom_step_details: {
+    #               name: "WorkflowStepName",
+    #               target: "CustomStepTarget",
+    #               timeout_seconds: 1,
+    #             },
+    #             delete_step_details: {
+    #               name: "WorkflowStepName",
+    #             },
+    #             tag_step_details: {
+    #               name: "WorkflowStepName",
+    #               tags: [
+    #                 {
+    #                   key: "S3TagKey", # required
+    #                   value: "S3TagValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
+    #         ],
+    #         on_exception_steps: [
+    #           {
+    #             type: "COPY", # accepts COPY, CUSTOM, TAG, DELETE
+    #             copy_step_details: {
+    #               name: "WorkflowStepName",
+    #               destination_file_location: {
+    #                 s3_file_location: {
+    #                   bucket: "S3Bucket",
+    #                   key: "S3Key",
+    #                 },
+    #                 efs_file_location: {
+    #                   file_system_id: "EfsFileSystemId",
+    #                   path: "EfsPath",
+    #                 },
+    #               },
+    #               overwrite_existing: "TRUE", # accepts TRUE, FALSE
+    #             },
+    #             custom_step_details: {
+    #               name: "WorkflowStepName",
+    #               target: "CustomStepTarget",
+    #               timeout_seconds: 1,
+    #             },
+    #             delete_step_details: {
+    #               name: "WorkflowStepName",
+    #             },
+    #             tag_step_details: {
+    #               name: "WorkflowStepName",
+    #               tags: [
+    #                 {
+    #                   key: "S3TagKey", # required
+    #                   value: "S3TagValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
+    #         ],
+    #         tags: [
+    #           {
+    #             key: "TagKey", # required
+    #             value: "TagValue", # required
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] description
+    #   A textual description for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] steps
+    #   Specifies the details for the steps that are in the specified
+    #   workflow.
+    #
+    #   The `TYPE` specifies which of the following actions is being taken
+    #   for this step.
+    #
+    #   * *Copy*\: copy the file to another location
+    #
+    #   * *Custom*\: custom step with a lambda target
+    #
+    #   * *Delete*\: delete the file
+    #
+    #   * *Tag*\: add a tag to the file
+    #
+    #   For file location, you specify either the S3 bucket and key, or the
+    #   EFS filesystem ID and path.
+    #   @return [Array<Types::WorkflowStep>]
+    #
+    # @!attribute [rw] on_exception_steps
+    #   Specifies the steps (actions) to take if any errors are encountered
+    #   during execution of the workflow.
+    #   @return [Array<Types::WorkflowStep>]
+    #
+    # @!attribute [rw] tags
+    #   Key-value pairs that can be used to group and search for workflows.
+    #   Tags are metadata attached to workflows for any purpose.
+    #   @return [Array<Types::Tag>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateWorkflowRequest AWS API Documentation
+    #
+    class CreateWorkflowRequest < Struct.new(
+      :description,
+      :steps,
+      :on_exception_steps,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateWorkflowResponse AWS API Documentation
+    #
+    class CreateWorkflowResponse < Struct.new(
+      :workflow_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Each step type has its own `StepDetails` structure.
+    #
+    # @note When making an API call, you may pass CustomStepDetails
+    #   data as a hash:
+    #
+    #       {
+    #         name: "WorkflowStepName",
+    #         target: "CustomStepTarget",
+    #         timeout_seconds: 1,
+    #       }
+    #
+    # @!attribute [rw] name
+    #   The name of the step, used as an identifier.
+    #   @return [String]
+    #
+    # @!attribute [rw] target
+    #   The ARN for the lambda function that is being called.
+    #   @return [String]
+    #
+    # @!attribute [rw] timeout_seconds
+    #   Timeout, in seconds, for the step.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CustomStepDetails AWS API Documentation
+    #
+    class CustomStepDetails < Struct.new(
+      :name,
+      :target,
+      :timeout_seconds)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DeleteAccessRequest
     #   data as a hash:
     #
@@ -752,6 +981,27 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # The name of the step, used to identify the step that is being deleted.
+    #
+    # @note When making an API call, you may pass DeleteStepDetails
+    #   data as a hash:
+    #
+    #       {
+    #         name: "WorkflowStepName",
+    #       }
+    #
+    # @!attribute [rw] name
+    #   The name of the step, used as an identifier.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteStepDetails AWS API Documentation
+    #
+    class DeleteStepDetails < Struct.new(
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DeleteUserRequest
     #   data as a hash:
     #
@@ -779,6 +1029,25 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DeleteWorkflowRequest
+    #   data as a hash:
+    #
+    #       {
+    #         workflow_id: "WorkflowId", # required
+    #       }
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteWorkflowRequest AWS API Documentation
+    #
+    class DeleteWorkflowRequest < Struct.new(
+      :workflow_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DescribeAccessRequest
     #   data as a hash:
     #
@@ -839,6 +1108,48 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DescribeExecutionRequest
+    #   data as a hash:
+    #
+    #       {
+    #         execution_id: "ExecutionId", # required
+    #         workflow_id: "WorkflowId", # required
+    #       }
+    #
+    # @!attribute [rw] execution_id
+    #   A unique identifier for the execution of a workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeExecutionRequest AWS API Documentation
+    #
+    class DescribeExecutionRequest < Struct.new(
+      :execution_id,
+      :workflow_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] execution
+    #   The structure that contains the details of the workflow' execution.
+    #   @return [Types::DescribedExecution]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeExecutionResponse AWS API Documentation
+    #
+    class DescribeExecutionResponse < Struct.new(
+      :workflow_id,
+      :execution)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DescribeSecurityPolicyRequest
     #   data as a hash:
     #
@@ -950,6 +1261,37 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DescribeWorkflowRequest
+    #   data as a hash:
+    #
+    #       {
+    #         workflow_id: "WorkflowId", # required
+    #       }
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeWorkflowRequest AWS API Documentation
+    #
+    class DescribeWorkflowRequest < Struct.new(
+      :workflow_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] workflow
+    #   The structure that contains the details of the workflow.
+    #   @return [Types::DescribedWorkflow]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeWorkflowResponse AWS API Documentation
+    #
+    class DescribeWorkflowResponse < Struct.new(
+      :workflow)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Describes the properties of the access that was specified.
     #
     # @!attribute [rw] home_directory
@@ -970,10 +1312,10 @@ module Aws::Transfer
     #   to paths in `Target`. This value can only be set when
     #   `HomeDirectoryType` is set to *LOGICAL*.
     #
-    #   In most cases, you can use this value instead of the scope-down
-    #   policy to lock down the associated access to the designated home
-    #   directory ("`chroot`"). To do this, you can set `Entry` to '/'
-    #   and set `Target` to the `HomeDirectory` parameter value.
+    #   In most cases, you can use this value instead of the session policy
+    #   to lock down the associated access to the designated home directory
+    #   ("`chroot`"). To do this, you can set `Entry` to '/' and set
+    #   `Target` to the `HomeDirectory` parameter value.
     #   @return [Array<Types::HomeDirectoryMapEntry>]
     #
     # @!attribute [rw] home_directory_type
@@ -981,14 +1323,14 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
     #
     # @!attribute [rw] policy
-    #   A scope-down policy for your user so that you can use the same IAM
-    #   role across multiple users. This policy scopes down user access to
+    #   A session policy for your user so that you can use the same IAM role
+    #   across multiple users. This policy scopes down user access to
     #   portions of their Amazon S3 bucket. Variables that you can use
     #   inside this policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
@@ -1048,6 +1390,67 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # The details for an execution object.
+    #
+    # @!attribute [rw] execution_id
+    #   A unique identifier for the execution of a workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] initial_file_location
+    #   A structure that describes the Amazon S3 or EFS file location. This
+    #   is the file location when the execution begins: if the file is being
+    #   copied, this is the initial (as opposed to destination) file
+    #   location.
+    #   @return [Types::FileLocation]
+    #
+    # @!attribute [rw] service_metadata
+    #   A container object for the session details associated with a
+    #   workflow.
+    #   @return [Types::ServiceMetadata]
+    #
+    # @!attribute [rw] execution_role
+    #   The IAM role associated with the execution.
+    #   @return [String]
+    #
+    # @!attribute [rw] logging_configuration
+    #   The IAM logging role associated with the execution.
+    #   @return [Types::LoggingConfiguration]
+    #
+    # @!attribute [rw] posix_profile
+    #   The full POSIX identity, including user ID (`Uid`), group ID
+    #   (`Gid`), and any secondary groups IDs (`SecondaryGids`), that
+    #   controls your users' access to your Amazon EFS file systems. The
+    #   POSIX permissions that are set on files and directories in your file
+    #   system determine the level of access your users get when
+    #   transferring files into and out of your Amazon EFS file systems.
+    #   @return [Types::PosixProfile]
+    #
+    # @!attribute [rw] status
+    #   The status is one of the execution. Can be in progress, completed,
+    #   exception encountered, or handling the exception.
+    #   @return [String]
+    #
+    # @!attribute [rw] results
+    #   A structure that describes the execution results. This includes a
+    #   list of the steps along with the details of each step, error type
+    #   and message (if any), and the `OnExceptionSteps` structure.
+    #   @return [Types::ExecutionResults]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedExecution AWS API Documentation
+    #
+    class DescribedExecution < Struct.new(
+      :execution_id,
+      :initial_file_location,
+      :service_metadata,
+      :execution_role,
+      :logging_configuration,
+      :posix_profile,
+      :status,
+      :results)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Describes the properties of a security policy that was specified. For
     # more information about security policies, see [Working with security
     # policies][1].
@@ -1225,6 +1628,11 @@ module Aws::Transfer
     #   specified with the `ServerId`.
     #   @return [Integer]
     #
+    # @!attribute [rw] workflow_details
+    #   Specifies the workflow ID for the workflow to assign and the
+    #   execution role used for executing the workflow.
+    #   @return [Types::WorkflowDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedServer AWS API Documentation
     #
     class DescribedServer < Struct.new(
@@ -1243,7 +1651,8 @@ module Aws::Transfer
       :server_id,
       :state,
       :tags,
-      :user_count)
+      :user_count,
+      :workflow_details)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1273,8 +1682,8 @@ module Aws::Transfer
     #   to paths in `Target`. This value can only be set when
     #   `HomeDirectoryType` is set to *LOGICAL*.
     #
-    #   In most cases, you can use this value instead of the scope-down
-    #   policy to lock your user down to the designated home directory
+    #   In most cases, you can use this value instead of the session policy
+    #   to lock your user down to the designated home directory
     #   ("`chroot`"). To do this, you can set `Entry` to '/' and set
     #   `Target` to the HomeDirectory parameter value.
     #   @return [Array<Types::HomeDirectoryMapEntry>]
@@ -1284,14 +1693,14 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
     #
     # @!attribute [rw] policy
-    #   A scope-down policy for your user so that you can use the same IAM
-    #   role across multiple users. This policy scopes down user access to
+    #   A session policy for your user so that you can use the same IAM role
+    #   across multiple users. This policy scopes down user access to
     #   portions of their Amazon S3 bucket. Variables that you can use
     #   inside this policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
@@ -1351,6 +1760,90 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Describes the properties of the specified workflow
+    #
+    # @!attribute [rw] arn
+    #   Specifies the unique Amazon Resource Name (ARN) for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   Specifies the text description for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] steps
+    #   Specifies the details for the steps that are in the specified
+    #   workflow.
+    #   @return [Array<Types::WorkflowStep>]
+    #
+    # @!attribute [rw] on_exception_steps
+    #   Specifies the steps (actions) to take if any errors are encountered
+    #   during execution of the workflow.
+    #   @return [Array<Types::WorkflowStep>]
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   Key-value pairs that can be used to group and search for workflows.
+    #   Tags are metadata attached to workflows for any purpose.
+    #   @return [Array<Types::Tag>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedWorkflow AWS API Documentation
+    #
+    class DescribedWorkflow < Struct.new(
+      :arn,
+      :description,
+      :steps,
+      :on_exception_steps,
+      :workflow_id,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Specifies the details for the file location for the file being used in
+    # the workflow. Only applicable if you are using Amazon EFS for storage.
+    #
+    # You need to provide the file system ID and the pathname. The pathname
+    # can represent either a path or a file. This is determined by whether
+    # or not you end the path value with the forward slash (/) character. If
+    # the final character is "/", then your file is copied to the folder,
+    # and its name does not change. If, rather, the final character is
+    # alphanumeric, your uploaded file is renamed to the path value. In this
+    # case, if a file with that name already exists, it is overwritten.
+    #
+    # For example, if your path is `shared-files/bob/`, your uploaded files
+    # are copied to the `shared-files/bob/`, folder. If your path is
+    # `shared-files/today`, each uploaded file is copied to the
+    # `shared-files` folder and named `today`\: each upload overwrites the
+    # previous version of the `bob` file.
+    #
+    # @note When making an API call, you may pass EfsFileLocation
+    #   data as a hash:
+    #
+    #       {
+    #         file_system_id: "EfsFileSystemId",
+    #         path: "EfsPath",
+    #       }
+    #
+    # @!attribute [rw] file_system_id
+    #   The ID of the file system, assigned by Amazon EFS.
+    #   @return [String]
+    #
+    # @!attribute [rw] path
+    #   The pathname for the folder being used by a workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/EfsFileLocation AWS API Documentation
+    #
+    class EfsFileLocation < Struct.new(
+      :file_system_id,
+      :path)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The virtual private cloud (VPC) endpoint settings that are configured
     # for your file transfer protocol-enabled server. With a VPC endpoint,
     # you can restrict access to your server and resources only within your
@@ -1451,55 +1944,156 @@ module Aws::Transfer
       include Aws::Structure
     end
-    # Represents an object that contains entries and targets for
-    # `HomeDirectoryMappings`.
-    #
-    # The following is an `Entry` and `Target` pair example for `chroot`.
-    #
-    # `[ \{ "Entry:": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
-    #
-    # <note markdown="1"> If the target of a logical directory entry does not exist in Amazon S3
-    # or EFS, the entry is ignored. As a workaround, you can use the Amazon
-    # S3 API or EFS API to create 0 byte objects as place holders for your
-    # directory. If using the CLI, use the `s3api` or `efsapi` call instead
-    # of `s3` or `efs` so you can use the put-object operation. For example,
-    # you use the following: `aws s3api put-object --bucket bucketname --key
-    # path/to/folder/`. Make sure that the end of the key name ends in a `/`
-    # for it to be considered a folder.
-    #
-    #  </note>
-    #
-    # @note When making an API call, you may pass HomeDirectoryMapEntry
-    #   data as a hash:
-    #
-    #       {
-    #         entry: "MapEntry", # required
-    #         target: "MapTarget", # required
-    #       }
+    # Specifies the error message and type, for an error that occurs during
+    # the execution of the workflow.
     #
-    # @!attribute [rw] entry
-    #   Represents an entry for `HomeDirectoryMappings`.
+    # @!attribute [rw] type
+    #   Specifies the error type: currently, the only valid value is
+    #   `PERMISSION_DENIED`, which occurs if your policy does not contain
+    #   the correct permissions to complete one or more of the steps in the
+    #   workflow.
     #   @return [String]
     #
-    # @!attribute [rw] target
-    #   Represents the map target that is used in a `HomeDirectorymapEntry`.
+    # @!attribute [rw] message
+    #   Specifies the descriptive message that corresponds to the
+    #   `ErrorType`.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/HomeDirectoryMapEntry AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ExecutionError AWS API Documentation
     #
-    class HomeDirectoryMapEntry < Struct.new(
-      :entry,
-      :target)
+    class ExecutionError < Struct.new(
+      :type,
+      :message)
       SENSITIVE = []
       include Aws::Structure
     end
-    # Returns information related to the type of user authentication that is
-    # in use for a file transfer protocol-enabled server's users. A server
-    # can have only one method of authentication.
+    # Specifies the steps in the workflow, as well as the steps to execute
+    # in case of any errors during workflow execution.
     #
-    # @note When making an API call, you may pass IdentityProviderDetails
-    #   data as a hash:
+    # @!attribute [rw] steps
+    #   Specifies the details for the steps that are in the specified
+    #   workflow.
+    #   @return [Array<Types::ExecutionStepResult>]
+    #
+    # @!attribute [rw] on_exception_steps
+    #   Specifies the steps (actions) to take if any errors are encountered
+    #   during execution of the workflow.
+    #   @return [Array<Types::ExecutionStepResult>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ExecutionResults AWS API Documentation
+    #
+    class ExecutionResults < Struct.new(
+      :steps,
+      :on_exception_steps)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Specifies the following details for the step: error (if any), outputs
+    # (if any), and the step type.
+    #
+    # @!attribute [rw] step_type
+    #   One of the available step types.
+    #
+    #   * *Copy*\: copy the file to another location
+    #
+    #   * *Custom*\: custom step with a lambda target
+    #
+    #   * *Delete*\: delete the file
+    #
+    #   * *Tag*\: add a tag to the file
+    #   @return [String]
+    #
+    # @!attribute [rw] outputs
+    #   The values for the key/value pair applied as a tag to the file. Only
+    #   applicable if the step type is `TAG`.
+    #   @return [String]
+    #
+    # @!attribute [rw] error
+    #   Specifies the details for an error, if it occurred during execution
+    #   of the specified workfow step.
+    #   @return [Types::ExecutionError]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ExecutionStepResult AWS API Documentation
+    #
+    class ExecutionStepResult < Struct.new(
+      :step_type,
+      :outputs,
+      :error)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Specifies the Amazon S3 or EFS file details to be used in the step.
+    #
+    # @!attribute [rw] s3_file_location
+    #   Specifies the S3 details for the file being used, such as bucket,
+    #   Etag, and so forth.
+    #   @return [Types::S3FileLocation]
+    #
+    # @!attribute [rw] efs_file_location
+    #   Specifies the Amazon EFS ID and the path for the file being used.
+    #   @return [Types::EfsFileLocation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/FileLocation AWS API Documentation
+    #
+    class FileLocation < Struct.new(
+      :s3_file_location,
+      :efs_file_location)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Represents an object that contains entries and targets for
+    # `HomeDirectoryMappings`.
+    #
+    # The following is an `Entry` and `Target` pair example for `chroot`.
+    #
+    # `[ \{ "Entry:": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
+    #
+    # <note markdown="1"> If the target of a logical directory entry does not exist in Amazon S3
+    # or EFS, the entry is ignored. As a workaround, you can use the Amazon
+    # S3 API or EFS API to create 0 byte objects as place holders for your
+    # directory. If using the CLI, use the `s3api` or `efsapi` call instead
+    # of `s3` or `efs` so you can use the put-object operation. For example,
+    # you use the following: `aws s3api put-object --bucket bucketname --key
+    # path/to/folder/`. Make sure that the end of the key name ends in a `/`
+    # for it to be considered a folder.
+    #
+    #  </note>
+    #
+    # @note When making an API call, you may pass HomeDirectoryMapEntry
+    #   data as a hash:
+    #
+    #       {
+    #         entry: "MapEntry", # required
+    #         target: "MapTarget", # required
+    #       }
+    #
+    # @!attribute [rw] entry
+    #   Represents an entry for `HomeDirectoryMappings`.
+    #   @return [String]
+    #
+    # @!attribute [rw] target
+    #   Represents the map target that is used in a `HomeDirectorymapEntry`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/HomeDirectoryMapEntry AWS API Documentation
+    #
+    class HomeDirectoryMapEntry < Struct.new(
+      :entry,
+      :target)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Returns information related to the type of user authentication that is
+    # in use for a file transfer protocol-enabled server's users. A server
+    # can have only one method of authentication.
+    #
+    # @note When making an API call, you may pass IdentityProviderDetails
+    #   data as a hash:
     #
     #       {
     #         url: "Url",
@@ -1590,6 +2184,40 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Specifies the location for the file being copied. Only applicable for
+    # the Copy type of workflow steps.
+    #
+    # @note When making an API call, you may pass InputFileLocation
+    #   data as a hash:
+    #
+    #       {
+    #         s3_file_location: {
+    #           bucket: "S3Bucket",
+    #           key: "S3Key",
+    #         },
+    #         efs_file_location: {
+    #           file_system_id: "EfsFileSystemId",
+    #           path: "EfsPath",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] s3_file_location
+    #   Specifies the details for the S3 file being copied.
+    #   @return [Types::S3InputFileLocation]
+    #
+    # @!attribute [rw] efs_file_location
+    #   Specifies the details for the Amazon EFS file being copied.
+    #   @return [Types::EfsFileLocation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/InputFileLocation AWS API Documentation
+    #
+    class InputFileLocation < Struct.new(
+      :s3_file_location,
+      :efs_file_location)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # This exception is thrown when an error occurs in the Amazon Web
     # ServicesTransfer Family service.
     #
@@ -1692,6 +2320,92 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListExecutionsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         max_results: 1,
+    #         next_token: "NextToken",
+    #         workflow_id: "WorkflowId", # required
+    #       }
+    #
+    # @!attribute [rw] max_results
+    #   Specifies the aximum number of executions to return.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   `ListExecutions` returns the `NextToken` parameter in the output.
+    #   You can then pass the `NextToken` parameter in a subsequent command
+    #   to continue listing additional executions.
+    #
+    #   This is useful for pagination, for instance. If you have 100
+    #   executions for a workflow, you might only want to list first 10. If
+    #   so, callthe API by specifing the `max-results`\:
+    #
+    #   `aws transfer list-executions --max-results 10`
+    #
+    #   This returns details for the first 10 executions, as well as the
+    #   pointer (`NextToken`) to the eleventh execution. You can now call
+    #   the API again, suppling the `NextToken` value you received:
+    #
+    #   `aws transfer list-executions --max-results 10 --next-token
+    #   $somePointerReturnedFromPreviousListResult`
+    #
+    #   This call returns the next 10 executions, the 11th through the 20th.
+    #   You can then repeat the call until the details for all 100
+    #   executions have been returned.
+    #   @return [String]
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListExecutionsRequest AWS API Documentation
+    #
+    class ListExecutionsRequest < Struct.new(
+      :max_results,
+      :next_token,
+      :workflow_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] next_token
+    #   `ListExecutions` returns the `NextToken` parameter in the output.
+    #   You can then pass the `NextToken` parameter in a subsequent command
+    #   to continue listing additional executions.
+    #   @return [String]
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] executions
+    #   Returns the details for each execution.
+    #
+    #   * **NextToken**\: returned from a call to several APIs, you can use
+    #     pass it to a subsequent command to continue listing additional
+    #     executions.
+    #
+    #   * **StartTime**\: timestamp indicating when the execution began.
+    #
+    #   * **Executions**\: details of the execution, including the execution
+    #     ID, initial file location, and Service metadata.
+    #
+    #   * **Status**\: one of the following values: `IN_PROGRESS`,
+    #     `COMPLETED`, `EXCEPTION`, `HANDLING_EXEPTION`.
+    #   @return [Array<Types::ListedExecution>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListExecutionsResponse AWS API Documentation
+    #
+    class ListExecutionsResponse < Struct.new(
+      :next_token,
+      :workflow_id,
+      :executions)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListSecurityPoliciesRequest
     #   data as a hash:
     #
@@ -1917,6 +2631,53 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListWorkflowsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         max_results: 1,
+    #         next_token: "NextToken",
+    #       }
+    #
+    # @!attribute [rw] max_results
+    #   Specifies the maximum number of workflows to return.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   `ListWorkflows` returns the `NextToken` parameter in the output. You
+    #   can then pass the `NextToken` parameter in a subsequent command to
+    #   continue listing additional workflows.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListWorkflowsRequest AWS API Documentation
+    #
+    class ListWorkflowsRequest < Struct.new(
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] next_token
+    #   `ListWorkflows` returns the `NextToken` parameter in the output. You
+    #   can then pass the `NextToken` parameter in a subsequent command to
+    #   continue listing additional workflows.
+    #   @return [String]
+    #
+    # @!attribute [rw] workflows
+    #   Returns the `Arn`, `WorkflowId`, and `Description` for each
+    #   workflow.
+    #   @return [Array<Types::ListedWorkflow>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListWorkflowsResponse AWS API Documentation
+    #
+    class ListWorkflowsResponse < Struct.new(
+      :next_token,
+      :workflows)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Lists the properties for one or more specified associated accesses.
     #
     # @!attribute [rw] home_directory
@@ -1931,7 +2692,7 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
@@ -1978,6 +2739,40 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Returns properties of the execution that is specified.
+    #
+    # @!attribute [rw] execution_id
+    #   A unique identifier for the execution of a workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] initial_file_location
+    #   A structure that describes the Amazon S3 or EFS file location. This
+    #   is the file location when the execution begins: if the file is being
+    #   copied, this is the initial (as opposed to destination) file
+    #   location.
+    #   @return [Types::FileLocation]
+    #
+    # @!attribute [rw] service_metadata
+    #   A container object for the session details associated with a
+    #   workflow.
+    #   @return [Types::ServiceMetadata]
+    #
+    # @!attribute [rw] status
+    #   The status is one of the execution. Can be in progress, completed,
+    #   exception encountered, or handling the exception.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedExecution AWS API Documentation
+    #
+    class ListedExecution < Struct.new(
+      :execution_id,
+      :initial_file_location,
+      :service_metadata,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Returns properties of a file transfer protocol-enabled server that was
     # specified.
     #
@@ -2079,7 +2874,7 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
@@ -2128,6 +2923,55 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Contains the ID, text description, and Amazon Resource Name (ARN) for
+    # the workflow.
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   Specifies the text description for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] arn
+    #   Specifies the unique Amazon Resource Name (ARN) for the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedWorkflow AWS API Documentation
+    #
+    class ListedWorkflow < Struct.new(
+      :workflow_id,
+      :description,
+      :arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Consists of the logging role and the log group name.
+    #
+    # @!attribute [rw] logging_role
+    #   Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
+    #   Identity and Access Management (IAM) role that allows a server to
+    #   turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS
+    #   events. When set, user activity can be viewed in your CloudWatch
+    #   logs.
+    #   @return [String]
+    #
+    # @!attribute [rw] log_group_name
+    #   The name of the CloudWatch logging group for the Amazon Web Services
+    #   Transfer server to which this workflow belongs.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/LoggingConfiguration AWS API Documentation
+    #
+    class LoggingConfiguration < Struct.new(
+      :logging_role,
+      :log_group_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The full POSIX identity, including user ID (`Uid`), group ID (`Gid`),
     # and any secondary groups IDs (`SecondaryGids`), that controls your
     # users' access to your Amazon EFS file systems. The POSIX permissions
@@ -2189,6 +3033,18 @@ module Aws::Transfer
     #
     #   Replace ` 0.0.0.0 ` in the example above with the actual IP address
     #   you want to use.
+    #
+    #   <note markdown="1"> If you change the `PassiveIp` value, you must stop and then restart
+    #   your Transfer server for the change to take effect. For details on
+    #   using Passive IP (PASV) in a NAT environment, see [Configuring your
+    #   FTPS server behind a firewall or NAT with Amazon Web Services
+    #   Transfer Family][1].
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ProtocolDetails AWS API Documentation
@@ -2242,6 +3098,165 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Specifies the details for the file location for the file being used in
+    # the workflow. Only applicable if you are using S3 storage.
+    #
+    # You need to provide the bucket and key. The key can represent either a
+    # path or a file. This is determined by whether or not you end the key
+    # value with the forward slash (/) character. If the final character is
+    # "/", then your file is copied to the folder, and its name does not
+    # change. If, rather, the final character is alphanumeric, your uploaded
+    # file is renamed to the path value. In this case, if a file with that
+    # name already exists, it is overwritten.
+    #
+    # For example, if your path is `shared-files/bob/`, your uploaded files
+    # are copied to the `shared-files/bob/`, folder. If your path is
+    # `shared-files/today`, each uploaded file is copied to the
+    # `shared-files` folder and named `today`\: each upload overwrites the
+    # previous version of the *bob* file.
+    #
+    # @!attribute [rw] bucket
+    #   Specifies the S3 bucket that contains the file being used.
+    #   @return [String]
+    #
+    # @!attribute [rw] key
+    #   The name assigned to the file when it was created in S3. You use the
+    #   object key to retrieve the object.
+    #   @return [String]
+    #
+    # @!attribute [rw] version_id
+    #   Specifies the file version.
+    #   @return [String]
+    #
+    # @!attribute [rw] etag
+    #   The entity tag is a hash of the object. The ETag reflects changes
+    #   only to the contents of an object, not its metadata.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/S3FileLocation AWS API Documentation
+    #
+    class S3FileLocation < Struct.new(
+      :bucket,
+      :key,
+      :version_id,
+      :etag)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Specifies the details for the S3 file being copied.
+    #
+    # @note When making an API call, you may pass S3InputFileLocation
+    #   data as a hash:
+    #
+    #       {
+    #         bucket: "S3Bucket",
+    #         key: "S3Key",
+    #       }
+    #
+    # @!attribute [rw] bucket
+    #   Specifies the S3 bucket that contains the file being copied.
+    #   @return [String]
+    #
+    # @!attribute [rw] key
+    #   The name assigned to the file when it was created in S3. You use the
+    #   object key to retrieve the object.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/S3InputFileLocation AWS API Documentation
+    #
+    class S3InputFileLocation < Struct.new(
+      :bucket,
+      :key)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Specifies the key-value pair that are assigned to a file during the
+    # execution of a Tagging step.
+    #
+    # @note When making an API call, you may pass S3Tag
+    #   data as a hash:
+    #
+    #       {
+    #         key: "S3TagKey", # required
+    #         value: "S3TagValue", # required
+    #       }
+    #
+    # @!attribute [rw] key
+    #   The name assigned to the tag that you create.
+    #   @return [String]
+    #
+    # @!attribute [rw] value
+    #   The value that corresponds to the key.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/S3Tag AWS API Documentation
+    #
+    class S3Tag < Struct.new(
+      :key,
+      :value)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass SendWorkflowStepStateRequest
+    #   data as a hash:
+    #
+    #       {
+    #         workflow_id: "WorkflowId", # required
+    #         execution_id: "ExecutionId", # required
+    #         token: "CallbackToken", # required
+    #         status: "SUCCESS", # required, accepts SUCCESS, FAILURE
+    #       }
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] execution_id
+    #   A unique identifier for the execution of a workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] token
+    #   Used to distinguish between multiple callbacks for multiple Lambda
+    #   steps within the same execution.
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   Indicates whether the specified step succeeded or failed.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/SendWorkflowStepStateRequest AWS API Documentation
+    #
+    class SendWorkflowStepStateRequest < Struct.new(
+      :workflow_id,
+      :execution_id,
+      :token,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/SendWorkflowStepStateResponse AWS API Documentation
+    #
+    class SendWorkflowStepStateResponse < Aws::EmptyStructure; end
+    # A container object for the session details associated with a workflow.
+    #
+    # @!attribute [rw] user_details
+    #   The Server ID (`ServerId`), Session ID (`SessionId`) and user
+    #   (`UserName`) make up the `UserDetails`.
+    #   @return [Types::UserDetails]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ServiceMetadata AWS API Documentation
+    #
+    class ServiceMetadata < Struct.new(
+      :user_details)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The request has failed because the Amazon Web ServicesTransfer Family
     # service is not available.
     #
@@ -2392,6 +3407,41 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Each step type has its own `StepDetails` structure.
+    #
+    # The key/value pairs used to tag a file during the execution of a
+    # workflow step.
+    #
+    # @note When making an API call, you may pass TagStepDetails
+    #   data as a hash:
+    #
+    #       {
+    #         name: "WorkflowStepName",
+    #         tags: [
+    #           {
+    #             key: "S3TagKey", # required
+    #             value: "S3TagValue", # required
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] name
+    #   The name of the step, used as an identifier.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   Array that contains from 1 to 10 key/value pairs.
+    #   @return [Array<Types::S3Tag>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/TagStepDetails AWS API Documentation
+    #
+    class TagStepDetails < Struct.new(
+      :name,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass TestIdentityProviderRequest
     #   data as a hash:
     #
@@ -2550,7 +3600,7 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
@@ -2571,8 +3621,8 @@ module Aws::Transfer
     #   `[ \{ "Entry": "your-personal-report.pdf", "Target":
     #   "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \} ]`
     #
-    #   In most cases, you can use this value instead of the scope-down
-    #   policy to lock down your user to the designated home directory
+    #   In most cases, you can use this value instead of the session policy
+    #   to lock down your user to the designated home directory
     #   ("`chroot`"). To do this, you can set `Entry` to `/` and set
     #   `Target` to the `HomeDirectory` parameter value.
     #
@@ -2593,22 +3643,21 @@ module Aws::Transfer
     #   @return [Array<Types::HomeDirectoryMapEntry>]
     #
     # @!attribute [rw] policy
-    #   A scope-down policy for your user so that you can use the same IAM
-    #   role across multiple users. This policy scopes down user access to
+    #   A session policy for your user so that you can use the same IAM role
+    #   across multiple users. This policy scopes down user access to
     #   portions of their Amazon S3 bucket. Variables that you can use
     #   inside this policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
     #
-    #   <note markdown="1"> This only applies when domain of `ServerId` is S3. Amazon EFS does
-    #   not use scope down policy.
+    #   <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
+    #   use session policies.
     #
-    #    For scope-down policies, Amazon Web ServicesTransfer Family stores
-    #   the policy as a JSON blob, instead of the Amazon Resource Name (ARN)
-    #   of the policy. You save the policy as a JSON blob and pass it in the
+    #    For session policies, Amazon Web Services Transfer Family stores the
+    #   policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
+    #   the policy. You save the policy as a JSON blob and pass it in the
     #   `Policy` argument.
     #
-    #    For an example of a scope-down policy, see [Example scope-down
-    #   policy][1].
+    #    For an example of a session policy, see [Example session policy][1].
     #
     #    For more information, see [AssumeRole][2] in the *Amazon Web
     #   ServicesSecurity Token Service API Reference*.
@@ -2617,7 +3666,7 @@ module Aws::Transfer
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/scope-down-policy.html
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html
     #   [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
     #   @return [String]
     #
@@ -2726,6 +3775,14 @@ module Aws::Transfer
     #         protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
     #         security_policy_name: "SecurityPolicyName",
     #         server_id: "ServerId", # required
+    #         workflow_details: {
+    #           on_upload: [ # required
+    #             {
+    #               workflow_id: "WorkflowId", # required
+    #               execution_role: "Role", # required
+    #             },
+    #           ],
+    #         },
     #       }
     #
     # @!attribute [rw] certificate
@@ -2885,6 +3942,11 @@ module Aws::Transfer
     #   user account is assigned to.
     #   @return [String]
     #
+    # @!attribute [rw] workflow_details
+    #   Specifies the workflow ID for the workflow to assign and the
+    #   execution role used for executing the workflow.
+    #   @return [Types::WorkflowDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateServerRequest AWS API Documentation
     #
     class UpdateServerRequest < Struct.new(
@@ -2897,7 +3959,8 @@ module Aws::Transfer
       :logging_role,
       :protocols,
       :security_policy_name,
-      :server_id)
+      :server_id,
+      :workflow_details)
       SENSITIVE = [:host_key]
       include Aws::Structure
     end
@@ -2950,7 +4013,7 @@ module Aws::Transfer
     #   directory to be when they log into the server. If you set it to
     #   `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
     #   as is in their file transfer protocol clients. If you set it
-    #   `LOGICAL`, you will need to provide mappings in the
+    #   `LOGICAL`, you need to provide mappings in the
     #   `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
     #   paths visible to your users.
     #   @return [String]
@@ -2971,8 +4034,8 @@ module Aws::Transfer
     #   `[ \{ "Entry": "your-personal-report.pdf", "Target":
     #   "/bucket3/customized-reports/$\{transfer:UserName\}.pdf" \} ]`
     #
-    #   In most cases, you can use this value instead of the scope-down
-    #   policy to lock down your user to the designated home directory
+    #   In most cases, you can use this value instead of the session policy
+    #   to lock down your user to the designated home directory
     #   ("`chroot`"). To do this, you can set `Entry` to '/' and set
     #   `Target` to the HomeDirectory parameter value.
     #
@@ -2993,21 +4056,21 @@ module Aws::Transfer
     #   @return [Array<Types::HomeDirectoryMapEntry>]
     #
     # @!attribute [rw] policy
-    #   A scope-down policy for your user so that you can use the same IAM
-    #   role across multiple users. This policy scopes down user access to
+    #   A session policy for your user so that you can use the same IAM role
+    #   across multiple users. This policy scopes down user access to
     #   portions of their Amazon S3 bucket. Variables that you can use
     #   inside this policy include `$\{Transfer:UserName\}`,
     #   `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
     #
-    #   <note markdown="1"> This only applies when domain of `ServerId` is S3. Amazon EFS does
-    #   not use scope-down policies.
+    #   <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
+    #   use session policies.
     #
-    #    For scope-down policies, Amazon Web ServicesTransfer Family stores
-    #   the policy as a JSON blob, instead of the Amazon Resource Name (ARN)
-    #   of the policy. You save the policy as a JSON blob and pass it in the
+    #    For session policies, Amazon Web Services Transfer Family stores the
+    #   policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
+    #   the policy. You save the policy as a JSON blob and pass it in the
     #   `Policy` argument.
     #
-    #    For an example of a scope-down policy, see [Creating a scope-down
+    #    For an example of a session policy, see [Creating a session
     #   policy][1].
     #
     #    For more information, see [AssumeRole][2] in the *Amazon Web
@@ -3017,7 +4080,7 @@ module Aws::Transfer
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down
+    #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/session-policy
     #   [2]: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
     #   @return [String]
     #
@@ -3093,5 +4156,184 @@ module Aws::Transfer
       include Aws::Structure
     end
+    # Specifies the user name, server ID, and session ID for a workflow.
+    #
+    # @!attribute [rw] user_name
+    #   A unique string that identifies a user account associated with a
+    #   server.
+    #   @return [String]
+    #
+    # @!attribute [rw] server_id
+    #   The system-assigned unique identifier for a Transfer server
+    #   instance.
+    #   @return [String]
+    #
+    # @!attribute [rw] session_id
+    #   The system-assigned unique identifier for a session that corresponds
+    #   to the workflow.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UserDetails AWS API Documentation
+    #
+    class UserDetails < Struct.new(
+      :user_name,
+      :server_id,
+      :session_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Specifies the workflow ID for the workflow to assign and the execution
+    # role used for executing the workflow.
+    #
+    # @note When making an API call, you may pass WorkflowDetail
+    #   data as a hash:
+    #
+    #       {
+    #         workflow_id: "WorkflowId", # required
+    #         execution_role: "Role", # required
+    #       }
+    #
+    # @!attribute [rw] workflow_id
+    #   A unique identifier for the workflow.
+    #   @return [String]
+    #
+    # @!attribute [rw] execution_role
+    #   Includes the necessary permissions for S3, EFS, and Lambda
+    #   operations that Transfer can assume, so that all workflow steps can
+    #   operate on the required resources
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/WorkflowDetail AWS API Documentation
+    #
+    class WorkflowDetail < Struct.new(
+      :workflow_id,
+      :execution_role)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Container for the `WorkflowDetail` data type. It is used by actions
+    # that trigger a workflow to begin execution.
+    #
+    # @note When making an API call, you may pass WorkflowDetails
+    #   data as a hash:
+    #
+    #       {
+    #         on_upload: [ # required
+    #           {
+    #             workflow_id: "WorkflowId", # required
+    #             execution_role: "Role", # required
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] on_upload
+    #   A trigger that starts a workflow: the workflow begins to execute
+    #   after a file is uploaded.
+    #   @return [Array<Types::WorkflowDetail>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/WorkflowDetails AWS API Documentation
+    #
+    class WorkflowDetails < Struct.new(
+      :on_upload)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The basic building block of a workflow.
+    #
+    # @note When making an API call, you may pass WorkflowStep
+    #   data as a hash:
+    #
+    #       {
+    #         type: "COPY", # accepts COPY, CUSTOM, TAG, DELETE
+    #         copy_step_details: {
+    #           name: "WorkflowStepName",
+    #           destination_file_location: {
+    #             s3_file_location: {
+    #               bucket: "S3Bucket",
+    #               key: "S3Key",
+    #             },
+    #             efs_file_location: {
+    #               file_system_id: "EfsFileSystemId",
+    #               path: "EfsPath",
+    #             },
+    #           },
+    #           overwrite_existing: "TRUE", # accepts TRUE, FALSE
+    #         },
+    #         custom_step_details: {
+    #           name: "WorkflowStepName",
+    #           target: "CustomStepTarget",
+    #           timeout_seconds: 1,
+    #         },
+    #         delete_step_details: {
+    #           name: "WorkflowStepName",
+    #         },
+    #         tag_step_details: {
+    #           name: "WorkflowStepName",
+    #           tags: [
+    #             {
+    #               key: "S3TagKey", # required
+    #               value: "S3TagValue", # required
+    #             },
+    #           ],
+    #         },
+    #       }
+    #
+    # @!attribute [rw] type
+    #   Currently, the following step types are supported.
+    #
+    #   * *Copy*\: copy the file to another location
+    #
+    #   * *Custom*\: custom step with a lambda target
+    #
+    #   * *Delete*\: delete the file
+    #
+    #   * *Tag*\: add a tag to the file
+    #   @return [String]
+    #
+    # @!attribute [rw] copy_step_details
+    #   Details for a step that performs a file copy.
+    #
+    #   Consists of the following values:
+    #
+    #   * A description
+    #
+    #   * An S3 or EFS location for the destination of the file copy.
+    #
+    #   * A flag that indicates whether or not to overwrite an existing file
+    #     of the same name. The default is `FALSE`.
+    #   @return [Types::CopyStepDetails]
+    #
+    # @!attribute [rw] custom_step_details
+    #   Details for a step that invokes a lambda function.
+    #
+    #   Consists of the lambda function name, target, and timeout (in
+    #   seconds).
+    #   @return [Types::CustomStepDetails]
+    #
+    # @!attribute [rw] delete_step_details
+    #   You need to specify the name of the file to be deleted.
+    #   @return [Types::DeleteStepDetails]
+    #
+    # @!attribute [rw] tag_step_details
+    #   Details for a step that creates one or more tags.
+    #
+    #   You specify one or more tags: each tag contains a key/value pair.
+    #   @return [Types::TagStepDetails]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/WorkflowStep AWS API Documentation
+    #
+    class WorkflowStep < Struct.new(
+      :type,
+      :copy_step_details,
+      :custom_step_details,
+      :delete_step_details,
+      :tag_step_details)
+      SENSITIVE = []
+      include Aws::Structure
+    end
   end
 end