aws-sdk-transfer 1.54.0 → 1.57.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -23,6 +23,80 @@ module Aws::Transfer
23
23
  include Aws::Structure
24
24
  end
25
25
 
26
+ # Contains the details for a connector object. The connector object is
27
+ # used for AS2 outbound processes, to connect the Transfer Family
28
+ # customer with the trading partner.
29
+ #
30
+ # @note When making an API call, you may pass As2ConnectorConfig
31
+ # data as a hash:
32
+ #
33
+ # {
34
+ # local_profile_id: "ProfileId",
35
+ # partner_profile_id: "ProfileId",
36
+ # message_subject: "MessageSubject",
37
+ # compression: "ZLIB", # accepts ZLIB, DISABLED
38
+ # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC
39
+ # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
40
+ # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
41
+ # mdn_response: "SYNC", # accepts SYNC, NONE
42
+ # }
43
+ #
44
+ # @!attribute [rw] local_profile_id
45
+ # A unique identifier for the AS2 process.
46
+ # @return [String]
47
+ #
48
+ # @!attribute [rw] partner_profile_id
49
+ # A unique identifier for the partner for the connector.
50
+ # @return [String]
51
+ #
52
+ # @!attribute [rw] message_subject
53
+ # A short description to help identify the connector.
54
+ # @return [String]
55
+ #
56
+ # @!attribute [rw] compression
57
+ # Specifies whether the AS2 file is compressed.
58
+ # @return [String]
59
+ #
60
+ # @!attribute [rw] encryption_algorithm
61
+ # The algorithm that is used to encrypt the file.
62
+ # @return [String]
63
+ #
64
+ # @!attribute [rw] signing_algorithm
65
+ # The algorithm that is used to sign the AS2 transfers for this
66
+ # partner profile.
67
+ # @return [String]
68
+ #
69
+ # @!attribute [rw] mdn_signing_algorithm
70
+ # The signing algorithm for the MDN response.
71
+ # @return [String]
72
+ #
73
+ # @!attribute [rw] mdn_response
74
+ # Used for outbound requests (from an Transfer Family server to a
75
+ # partner AS2 server) to determine whether the partner response for
76
+ # transfers is synchronous or asynchronous. Specify either of the
77
+ # following values:
78
+ #
79
+ # * `SYNC`\: The system expects a synchronous MDN response, confirming
80
+ # that the file was transferred successfully (or not).
81
+ #
82
+ # * `NONE`\: Specifies that no MDN response is required.
83
+ # @return [String]
84
+ #
85
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/As2ConnectorConfig AWS API Documentation
86
+ #
87
+ class As2ConnectorConfig < Struct.new(
88
+ :local_profile_id,
89
+ :partner_profile_id,
90
+ :message_subject,
91
+ :compression,
92
+ :encryption_algorithm,
93
+ :signing_algorithm,
94
+ :mdn_signing_algorithm,
95
+ :mdn_response)
96
+ SENSITIVE = []
97
+ include Aws::Structure
98
+ end
99
+
26
100
  # This exception is thrown when the `UpdateServer` is called for a file
27
101
  # transfer protocol-enabled server that has VPC as the endpoint type and
28
102
  # the server's `VpcEndpointID` is not in the available state.
@@ -129,13 +203,13 @@ module Aws::Transfer
129
203
  # @return [String]
130
204
  #
131
205
  # @!attribute [rw] home_directory_type
132
- # The type of landing directory (folder) you want your users' home
133
- # directory to be when they log into the server. If you set it to
134
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
135
- # as is in their file transfer protocol clients. If you set it
206
+ # The type of landing directory (folder) that you want your users'
207
+ # home directory to be when they log in to the server. If you set it
208
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
209
+ # paths as is in their file transfer protocol clients. If you set it
136
210
  # `LOGICAL`, you need to provide mappings in the
137
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
138
- # paths visible to your users.
211
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
212
+ # EFS paths visible to your users.
139
213
  # @return [String]
140
214
  #
141
215
  # @!attribute [rw] home_directory_mappings
@@ -144,10 +218,10 @@ module Aws::Transfer
144
218
  # make them visible. You must specify the `Entry` and `Target` pair,
145
219
  # where `Entry` shows how the path is made visible and `Target` is the
146
220
  # actual Amazon S3 or Amazon EFS path. If you only specify a target,
147
- # it is displayed as is. You also must ensure that your Amazon Web
148
- # Services Identity and Access Management (IAM) role provides access
149
- # to paths in `Target`. This value can only be set when
150
- # `HomeDirectoryType` is set to *LOGICAL*.
221
+ # it is displayed as is. You also must ensure that your Identity and
222
+ # Access Management (IAM) role provides access to paths in `Target`.
223
+ # This value can be set only when `HomeDirectoryType` is set to
224
+ # *LOGICAL*.
151
225
  #
152
226
  # The following is an `Entry` and `Target` pair example.
153
227
  #
@@ -165,24 +239,24 @@ module Aws::Transfer
165
239
  # @return [Array<Types::HomeDirectoryMapEntry>]
166
240
  #
167
241
  # @!attribute [rw] policy
168
- # A session policy for your user so that you can use the same IAM role
169
- # across multiple users. This policy scopes down user access to
170
- # portions of their Amazon S3 bucket. Variables that you can use
171
- # inside this policy include `$\{Transfer:UserName\}`,
172
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
242
+ # A session policy for your user so that you can use the same Identity
243
+ # and Access Management (IAM) role across multiple users. This policy
244
+ # scopes down a user's access to portions of their Amazon S3 bucket.
245
+ # Variables that you can use inside this policy include
246
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
247
+ # `$\{Transfer:HomeBucket\}`.
173
248
  #
174
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
175
- # use session policies.
249
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
250
+ # Amazon EFS does not use session policies.
176
251
  #
177
- # For session policies, Amazon Web Services Transfer Family stores the
178
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
179
- # the policy. You save the policy as a JSON blob and pass it in the
180
- # `Policy` argument.
252
+ # For session policies, Transfer Family stores the policy as a JSON
253
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
254
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
181
255
  #
182
256
  # For an example of a session policy, see [Example session policy][1].
183
257
  #
184
- # For more information, see [AssumeRole][2] in the *Amazon Web
185
- # Services Security Token Service API Reference*.
258
+ # For more information, see [AssumeRole][2] in the *Security Token
259
+ # Service API Reference*.
186
260
  #
187
261
  # </note>
188
262
  #
@@ -202,14 +276,14 @@ module Aws::Transfer
202
276
  # @return [Types::PosixProfile]
203
277
  #
204
278
  # @!attribute [rw] role
205
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
206
- # controls your users' access to your Amazon S3 bucket or EFS file
207
- # system. The policies attached to this role determine the level of
208
- # access that you want to provide your users when transferring files
209
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
210
- # role should also contain a trust relationship that allows the server
211
- # to access your resources when servicing your users' transfer
212
- # requests.
279
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
280
+ # (IAM) role that controls your users' access to your Amazon S3
281
+ # bucket or Amazon EFS file system. The policies attached to this role
282
+ # determine the level of access that you want to provide your users
283
+ # when transferring files into and out of your Amazon S3 bucket or
284
+ # Amazon EFS file system. The IAM role should also contain a trust
285
+ # relationship that allows the server to access your resources when
286
+ # servicing your users' transfer requests.
213
287
  # @return [String]
214
288
  #
215
289
  # @!attribute [rw] server_id
@@ -221,9 +295,9 @@ module Aws::Transfer
221
295
  # A unique identifier that is required to identify specific groups
222
296
  # within your directory. The users of the group that you associate
223
297
  # have access to your Amazon S3 or Amazon EFS resources over the
224
- # enabled protocols using Amazon Web Services Transfer Family. If you
225
- # know the group name, you can view the SID values by running the
226
- # following command using Windows PowerShell.
298
+ # enabled protocols using Transfer Family. If you know the group name,
299
+ # you can view the SID values by running the following command using
300
+ # Windows PowerShell.
227
301
  #
228
302
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
229
303
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -231,10 +305,10 @@ module Aws::Transfer
231
305
  # In that command, replace *YourGroupName* with the name of your
232
306
  # Active Directory group.
233
307
  #
234
- # The regex used to validate this parameter is a string of characters
235
- # consisting of uppercase and lowercase alphanumeric characters with
236
- # no spaces. You can also include underscores or any of the following
237
- # characters: =,.@:/-
308
+ # The regular expression used to validate this parameter is a string
309
+ # of characters consisting of uppercase and lowercase alphanumeric
310
+ # characters with no spaces. You can also include underscores or any
311
+ # of the following characters: =,.@:/-
238
312
  # @return [String]
239
313
  #
240
314
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateAccessRequest AWS API Documentation
@@ -258,8 +332,8 @@ module Aws::Transfer
258
332
  #
259
333
  # @!attribute [rw] external_id
260
334
  # The external ID of the group whose users have access to your Amazon
261
- # S3 or Amazon EFS resources over the enabled protocols using Amazon
262
- # Web Services Transfer Family.
335
+ # S3 or Amazon EFS resources over the enabled protocols using Transfer
336
+ # Family.
263
337
  # @return [String]
264
338
  #
265
339
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateAccessResponse AWS API Documentation
@@ -271,6 +345,247 @@ module Aws::Transfer
271
345
  include Aws::Structure
272
346
  end
273
347
 
348
+ # @note When making an API call, you may pass CreateAgreementRequest
349
+ # data as a hash:
350
+ #
351
+ # {
352
+ # description: "Description",
353
+ # server_id: "ServerId", # required
354
+ # local_profile_id: "ProfileId", # required
355
+ # partner_profile_id: "ProfileId", # required
356
+ # base_directory: "HomeDirectory", # required
357
+ # access_role: "Role", # required
358
+ # status: "ACTIVE", # accepts ACTIVE, INACTIVE
359
+ # tags: [
360
+ # {
361
+ # key: "TagKey", # required
362
+ # value: "TagValue", # required
363
+ # },
364
+ # ],
365
+ # }
366
+ #
367
+ # @!attribute [rw] description
368
+ # A name or short description to identify the agreement.
369
+ # @return [String]
370
+ #
371
+ # @!attribute [rw] server_id
372
+ # A system-assigned unique identifier for a server instance. This is
373
+ # the specific server that the agreement uses.
374
+ # @return [String]
375
+ #
376
+ # @!attribute [rw] local_profile_id
377
+ # A unique identifier for the AS2 local profile.
378
+ # @return [String]
379
+ #
380
+ # @!attribute [rw] partner_profile_id
381
+ # A unique identifier for the partner profile used in the agreement.
382
+ # @return [String]
383
+ #
384
+ # @!attribute [rw] base_directory
385
+ # The landing directory (folder) for files transferred by using the
386
+ # AS2 protocol.
387
+ #
388
+ # A `BaseDirectory` example is `/DOC-EXAMPLE-BUCKET/home/mydirectory
389
+ # `.
390
+ # @return [String]
391
+ #
392
+ # @!attribute [rw] access_role
393
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
394
+ # (IAM) role that grants access to at least the `HomeDirectory` of
395
+ # your users' Amazon S3 buckets.
396
+ # @return [String]
397
+ #
398
+ # @!attribute [rw] status
399
+ # The status of the agreement. The agreement can be either `ACTIVE` or
400
+ # `INACTIVE`.
401
+ # @return [String]
402
+ #
403
+ # @!attribute [rw] tags
404
+ # Key-value pairs that can be used to group and search for agreements.
405
+ # @return [Array<Types::Tag>]
406
+ #
407
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateAgreementRequest AWS API Documentation
408
+ #
409
+ class CreateAgreementRequest < Struct.new(
410
+ :description,
411
+ :server_id,
412
+ :local_profile_id,
413
+ :partner_profile_id,
414
+ :base_directory,
415
+ :access_role,
416
+ :status,
417
+ :tags)
418
+ SENSITIVE = []
419
+ include Aws::Structure
420
+ end
421
+
422
+ # @!attribute [rw] agreement_id
423
+ # The unique identifier for the agreement. Use this ID for deleting,
424
+ # or updating an agreement, as well as in any other API calls that
425
+ # require that you specify the agreement ID.
426
+ # @return [String]
427
+ #
428
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateAgreementResponse AWS API Documentation
429
+ #
430
+ class CreateAgreementResponse < Struct.new(
431
+ :agreement_id)
432
+ SENSITIVE = []
433
+ include Aws::Structure
434
+ end
435
+
436
+ # @note When making an API call, you may pass CreateConnectorRequest
437
+ # data as a hash:
438
+ #
439
+ # {
440
+ # url: "Url", # required
441
+ # as_2_config: { # required
442
+ # local_profile_id: "ProfileId",
443
+ # partner_profile_id: "ProfileId",
444
+ # message_subject: "MessageSubject",
445
+ # compression: "ZLIB", # accepts ZLIB, DISABLED
446
+ # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC
447
+ # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
448
+ # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
449
+ # mdn_response: "SYNC", # accepts SYNC, NONE
450
+ # },
451
+ # access_role: "Role", # required
452
+ # logging_role: "Role",
453
+ # tags: [
454
+ # {
455
+ # key: "TagKey", # required
456
+ # value: "TagValue", # required
457
+ # },
458
+ # ],
459
+ # }
460
+ #
461
+ # @!attribute [rw] url
462
+ # The URL of the partner's AS2 endpoint.
463
+ # @return [String]
464
+ #
465
+ # @!attribute [rw] as_2_config
466
+ # A structure that contains the parameters for a connector object.
467
+ # @return [Types::As2ConnectorConfig]
468
+ #
469
+ # @!attribute [rw] access_role
470
+ # With AS2, you can send files by calling `StartFileTransfer` and
471
+ # specifying the file paths in the request parameter, `SendFilePaths`.
472
+ # We use the file’s parent directory (for example, for
473
+ # `--send-file-paths /bucket/dir/file.txt`, parent directory is
474
+ # `/bucket/dir/`) to temporarily store a processed AS2 message file,
475
+ # store the MDN when we receive them from the partner, and write a
476
+ # final JSON file containing relevant metadata of the transmission.
477
+ # So, the `AccessRole` needs to provide read and write access to the
478
+ # parent directory of the file location used in the
479
+ # `StartFileTransfer` request. Additionally, you need to provide read
480
+ # and write access to the parent directory of the files that you
481
+ # intend to send with `StartFileTransfer`.
482
+ # @return [String]
483
+ #
484
+ # @!attribute [rw] logging_role
485
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
486
+ # (IAM) role that allows a connector to turn on CloudWatch logging for
487
+ # Amazon S3 events. When set, you can view connector activity in your
488
+ # CloudWatch logs.
489
+ # @return [String]
490
+ #
491
+ # @!attribute [rw] tags
492
+ # Key-value pairs that can be used to group and search for connectors.
493
+ # Tags are metadata attached to connectors for any purpose.
494
+ # @return [Array<Types::Tag>]
495
+ #
496
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateConnectorRequest AWS API Documentation
497
+ #
498
+ class CreateConnectorRequest < Struct.new(
499
+ :url,
500
+ :as_2_config,
501
+ :access_role,
502
+ :logging_role,
503
+ :tags)
504
+ SENSITIVE = []
505
+ include Aws::Structure
506
+ end
507
+
508
+ # @!attribute [rw] connector_id
509
+ # The unique identifier for the connector, returned after the API call
510
+ # succeeds.
511
+ # @return [String]
512
+ #
513
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateConnectorResponse AWS API Documentation
514
+ #
515
+ class CreateConnectorResponse < Struct.new(
516
+ :connector_id)
517
+ SENSITIVE = []
518
+ include Aws::Structure
519
+ end
520
+
521
+ # @note When making an API call, you may pass CreateProfileRequest
522
+ # data as a hash:
523
+ #
524
+ # {
525
+ # as_2_id: "As2Id", # required
526
+ # profile_type: "LOCAL", # required, accepts LOCAL, PARTNER
527
+ # certificate_ids: ["CertificateId"],
528
+ # tags: [
529
+ # {
530
+ # key: "TagKey", # required
531
+ # value: "TagValue", # required
532
+ # },
533
+ # ],
534
+ # }
535
+ #
536
+ # @!attribute [rw] as_2_id
537
+ # The `As2Id` is the *AS2-name*, as defined in the defined in the [RFC
538
+ # 4130][1]. For inbound transfers, this is the `AS2-From` header for
539
+ # the AS2 messages sent from the partner. For outbound connectors,
540
+ # this is the `AS2-To` header for the AS2 messages sent to the partner
541
+ # using the `StartFileTransfer` API operation. This ID cannot include
542
+ # spaces.
543
+ #
544
+ #
545
+ #
546
+ # [1]: https://datatracker.ietf.org/doc/html/rfc4130
547
+ # @return [String]
548
+ #
549
+ # @!attribute [rw] profile_type
550
+ # Indicates whether to list only `LOCAL` type profiles or only
551
+ # `PARTNER` type profiles. If not supplied in the request, the command
552
+ # lists all types of profiles.
553
+ # @return [String]
554
+ #
555
+ # @!attribute [rw] certificate_ids
556
+ # An array of identifiers for the imported certificates. You use this
557
+ # identifier for working with profiles and partner profiles.
558
+ # @return [Array<String>]
559
+ #
560
+ # @!attribute [rw] tags
561
+ # Key-value pairs that can be used to group and search for AS2
562
+ # profiles.
563
+ # @return [Array<Types::Tag>]
564
+ #
565
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateProfileRequest AWS API Documentation
566
+ #
567
+ class CreateProfileRequest < Struct.new(
568
+ :as_2_id,
569
+ :profile_type,
570
+ :certificate_ids,
571
+ :tags)
572
+ SENSITIVE = []
573
+ include Aws::Structure
574
+ end
575
+
576
+ # @!attribute [rw] profile_id
577
+ # The unique identifier for the AS2 profile, returned after the API
578
+ # call succeeds.
579
+ # @return [String]
580
+ #
581
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateProfileResponse AWS API Documentation
582
+ #
583
+ class CreateProfileResponse < Struct.new(
584
+ :profile_id)
585
+ SENSITIVE = []
586
+ include Aws::Structure
587
+ end
588
+
274
589
  # @note When making an API call, you may pass CreateServerRequest
275
590
  # data as a hash:
276
591
  #
@@ -296,10 +611,12 @@ module Aws::Transfer
296
611
  # logging_role: "Role",
297
612
  # post_authentication_login_banner: "PostAuthenticationLoginBanner",
298
613
  # pre_authentication_login_banner: "PreAuthenticationLoginBanner",
299
- # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
614
+ # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS, AS2
300
615
  # protocol_details: {
301
616
  # passive_ip: "PassiveIp",
302
617
  # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
618
+ # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP
619
+ # as_2_transports: ["HTTP"], # accepts HTTP
303
620
  # },
304
621
  # security_policy_name: "SecurityPolicyName",
305
622
  # tags: [
@@ -319,21 +636,18 @@ module Aws::Transfer
319
636
  # }
320
637
  #
321
638
  # @!attribute [rw] certificate
322
- # The Amazon Resource Name (ARN) of the Amazon Web Services
323
- # Certificate Manager (ACM) certificate. Required when `Protocols` is
324
- # set to `FTPS`.
639
+ # The Amazon Resource Name (ARN) of the Certificate Manager (ACM)
640
+ # certificate. Required when `Protocols` is set to `FTPS`.
325
641
  #
326
642
  # To request a new public certificate, see [Request a public
327
- # certificate][1] in the <i> Amazon Web Services Certificate Manager
328
- # User Guide</i>.
643
+ # certificate][1] in the *Certificate Manager User Guide*.
329
644
  #
330
645
  # To import an existing certificate into ACM, see [Importing
331
- # certificates into ACM][2] in the <i> Amazon Web Services Certificate
332
- # Manager User Guide</i>.
646
+ # certificates into ACM][2] in the *Certificate Manager User Guide*.
333
647
  #
334
648
  # To request a private certificate to use FTPS through private IP
335
- # addresses, see [Request a private certificate][3] in the <i> Amazon
336
- # Web Services Certificate Manager User Guide</i>.
649
+ # addresses, see [Request a private certificate][3] in the
650
+ # *Certificate Manager User Guide*.
337
651
  #
338
652
  # Certificates with the following cryptographic algorithms and key
339
653
  # sizes are supported:
@@ -374,10 +688,10 @@ module Aws::Transfer
374
688
  # @!attribute [rw] endpoint_details
375
689
  # The virtual private cloud (VPC) endpoint settings that are
376
690
  # configured for your server. When you host your endpoint within your
377
- # VPC, you can make it accessible only to resources within your VPC,
378
- # or you can attach Elastic IP addresses and make it accessible to
379
- # clients over the internet. Your VPC's default security groups are
380
- # automatically assigned to your endpoint.
691
+ # VPC, you can make your endpoint accessible only to resources within
692
+ # your VPC, or you can attach Elastic IP addresses and make your
693
+ # endpoint accessible to clients over the internet. Your VPC's
694
+ # default security groups are automatically assigned to your endpoint.
381
695
  # @return [Types::EndpointDetails]
382
696
  #
383
697
  # @!attribute [rw] endpoint_type
@@ -409,15 +723,15 @@ module Aws::Transfer
409
723
  # @return [String]
410
724
  #
411
725
  # @!attribute [rw] host_key
412
- # The RSA or ECDSA private key to use for your server.
726
+ # The RSA, ECDSA, or ED25519 private key to use for your server.
413
727
  #
414
728
  # Use the following command to generate an RSA 2048 bit key with no
415
729
  # passphrase:
416
730
  #
417
731
  # `ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key`.
418
732
  #
419
- # Use a minimum value of 2048 for the `-b` option: you can create a
420
- # stronger key using 3072 or 4096.
733
+ # Use a minimum value of 2048 for the `-b` option. You can create a
734
+ # stronger key by using 3072 or 4096.
421
735
  #
422
736
  # Use the following command to generate an ECDSA 256 bit key with no
423
737
  # passphrase:
@@ -426,7 +740,12 @@ module Aws::Transfer
426
740
  #
427
741
  # Valid values for the `-b` option for ECDSA are 256, 384, and 521.
428
742
  #
429
- # For both of these commands, you can replace *my-new-server-key* with
743
+ # Use the following command to generate an ED25519 key with no
744
+ # passphrase:
745
+ #
746
+ # `ssh-keygen -t ed25519 -N "" -f my-new-server-key`.
747
+ #
748
+ # For all of these commands, you can replace *my-new-server-key* with
430
749
  # a string of your choice.
431
750
  #
432
751
  # If you aren't planning to migrate existing users from an existing
@@ -434,7 +753,7 @@ module Aws::Transfer
434
753
  # Accidentally changing a server's host key can be disruptive.
435
754
  #
436
755
  # For more information, see [Change the host key for your SFTP-enabled
437
- # server][1] in the *Amazon Web Services Transfer Family User Guide*.
756
+ # server][1] in the *Transfer Family User Guide*.
438
757
  #
439
758
  #
440
759
  #
@@ -451,38 +770,37 @@ module Aws::Transfer
451
770
  # @return [Types::IdentityProviderDetails]
452
771
  #
453
772
  # @!attribute [rw] identity_provider_type
454
- # Specifies the mode of authentication for a server. The default value
455
- # is `SERVICE_MANAGED`, which allows you to store and access user
456
- # credentials within the Amazon Web Services Transfer Family service.
773
+ # The mode of authentication for a server. The default value is
774
+ # `SERVICE_MANAGED`, which allows you to store and access user
775
+ # credentials within the Transfer Family service.
457
776
  #
458
777
  # Use `AWS_DIRECTORY_SERVICE` to provide access to Active Directory
459
- # groups in Amazon Web Services Managed Active Directory or Microsoft
460
- # Active Directory in your on-premises environment or in Amazon Web
461
- # Services using AD Connectors. This option also requires you to
462
- # provide a Directory ID using the `IdentityProviderDetails`
778
+ # groups in Directory Service for Microsoft Active Directory or
779
+ # Microsoft Active Directory in your on-premises environment or in
780
+ # Amazon Web Services using AD Connector. This option also requires
781
+ # you to provide a Directory ID by using the `IdentityProviderDetails`
463
782
  # parameter.
464
783
  #
465
784
  # Use the `API_GATEWAY` value to integrate with an identity provider
466
785
  # of your choosing. The `API_GATEWAY` setting requires you to provide
467
- # an API Gateway endpoint URL to call for authentication using the
468
- # `IdentityProviderDetails` parameter.
786
+ # an Amazon API Gateway endpoint URL to call for authentication by
787
+ # using the `IdentityProviderDetails` parameter.
469
788
  #
470
- # Use the `AWS_LAMBDA` value to directly use a Lambda function as your
471
- # identity provider. If you choose this value, you must specify the
472
- # ARN for the lambda function in the `Function` parameter for the
789
+ # Use the `AWS_LAMBDA` value to directly use an Lambda function as
790
+ # your identity provider. If you choose this value, you must specify
791
+ # the ARN for the Lambda function in the `Function` parameter or the
473
792
  # `IdentityProviderDetails` data type.
474
793
  # @return [String]
475
794
  #
476
795
  # @!attribute [rw] logging_role
477
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
478
- # Identity and Access Management (IAM) role that allows a server to
479
- # turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS
480
- # events. When set, user activity can be viewed in your CloudWatch
481
- # logs.
796
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
797
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
798
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
799
+ # activity in your CloudWatch logs.
482
800
  # @return [String]
483
801
  #
484
802
  # @!attribute [rw] post_authentication_login_banner
485
- # Specify a string to display when users connect to a server. This
803
+ # Specifies a string to display when users connect to a server. This
486
804
  # string is displayed after the user authenticates.
487
805
  #
488
806
  # <note markdown="1"> The SFTP protocol does not support post-authentication display
@@ -492,9 +810,9 @@ module Aws::Transfer
492
810
  # @return [String]
493
811
  #
494
812
  # @!attribute [rw] pre_authentication_login_banner
495
- # Specify a string to display when users connect to a server. This
813
+ # Specifies a string to display when users connect to a server. This
496
814
  # string is displayed before the user authenticates. For example, the
497
- # following banner displays details about using the system.
815
+ # following banner displays details about using the system:
498
816
  #
499
817
  # `This system is for the use of authorized users only. Individuals
500
818
  # using this computer system without authority, or in excess of their
@@ -515,20 +833,26 @@ module Aws::Transfer
515
833
  #
516
834
  # * `FTP` (File Transfer Protocol): Unencrypted file transfer
517
835
  #
518
- # <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in Amazon
519
- # Web Services Certificate Manager (ACM) which is used to identify
520
- # your server when clients connect to it over FTPS.
836
+ # * `AS2` (Applicability Statement 2): used for transporting
837
+ # structured business-to-business data
521
838
  #
522
- # If `Protocol` includes either `FTP` or `FTPS`, then the
523
- # `EndpointType` must be `VPC` and the `IdentityProviderType` must be
524
- # `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`.
839
+ # <note markdown="1"> * If you select `FTPS`, you must choose a certificate stored in
840
+ # Certificate Manager (ACM) which is used to identify your server
841
+ # when clients connect to it over FTPS.
525
842
  #
526
- # If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
527
- # associated.
843
+ # * If `Protocol` includes either `FTP` or `FTPS`, then the
844
+ # `EndpointType` must be `VPC` and the `IdentityProviderType` must
845
+ # be `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`.
528
846
  #
529
- # If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
530
- # to `PUBLIC` and the `IdentityProviderType` can be set to
531
- # `SERVICE_MANAGED`.
847
+ # * If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot
848
+ # be associated.
849
+ #
850
+ # * If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
851
+ # to `PUBLIC` and the `IdentityProviderType` can be set to
852
+ # `SERVICE_MANAGED`.
853
+ #
854
+ # * If `Protocol` includes `AS2`, then the `EndpointType` must be
855
+ # `VPC`, and domain must be Amazon S3.
532
856
  #
533
857
  # </note>
534
858
  # @return [Array<String>]
@@ -536,13 +860,27 @@ module Aws::Transfer
536
860
  # @!attribute [rw] protocol_details
537
861
  # The protocol settings that are configured for your server.
538
862
  #
539
- # Use the `PassiveIp` parameter to indicate passive mode (for FTP and
540
- # FTPS protocols). Enter a single dotted-quad IPv4 address, such as
541
- # the external IP address of a firewall, router, or load balancer.
542
- #
543
- # Use the `TlsSessionResumptionMode` parameter to determine whether or
544
- # not your Transfer server resumes recent, negotiated sessions through
545
- # a unique session ID.
863
+ # * To indicate passive mode (for FTP and FTPS protocols), use the
864
+ # `PassiveIp` parameter. Enter a single dotted-quad IPv4 address,
865
+ # such as the external IP address of a firewall, router, or load
866
+ # balancer.
867
+ #
868
+ # * To ignore the error that is generated when the client attempts to
869
+ # use the `SETSTAT` command on a file that you are uploading to an
870
+ # Amazon S3 bucket, use the `SetStatOption` parameter. To have the
871
+ # Transfer Family server ignore the `SETSTAT` command and upload
872
+ # files without needing to make any changes to your SFTP client, set
873
+ # the value to `ENABLE_NO_OP`. If you set the `SetStatOption`
874
+ # parameter to `ENABLE_NO_OP`, Transfer Family generates a log entry
875
+ # to Amazon CloudWatch Logs, so that you can determine when the
876
+ # client is making a `SETSTAT` call.
877
+ #
878
+ # * To determine whether your Transfer Family server resumes recent,
879
+ # negotiated sessions through a unique session ID, use the
880
+ # `TlsSessionResumptionMode` parameter.
881
+ #
882
+ # * `As2Transports` indicates the transport method for the AS2
883
+ # messages. Currently, only HTTP is supported.
546
884
  # @return [Types::ProtocolDetails]
547
885
  #
548
886
  # @!attribute [rw] security_policy_name
@@ -556,7 +894,7 @@ module Aws::Transfer
556
894
  #
557
895
  # @!attribute [rw] workflow_details
558
896
  # Specifies the workflow ID for the workflow to assign and the
559
- # execution role used for executing the workflow.
897
+ # execution role that's used for executing the workflow.
560
898
  # @return [Types::WorkflowDetails]
561
899
  #
562
900
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateServerRequest AWS API Documentation
@@ -631,13 +969,13 @@ module Aws::Transfer
631
969
  # @return [String]
632
970
  #
633
971
  # @!attribute [rw] home_directory_type
634
- # The type of landing directory (folder) you want your users' home
635
- # directory to be when they log into the server. If you set it to
636
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
637
- # as is in their file transfer protocol clients. If you set it
972
+ # The type of landing directory (folder) that you want your users'
973
+ # home directory to be when they log in to the server. If you set it
974
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
975
+ # paths as is in their file transfer protocol clients. If you set it
638
976
  # `LOGICAL`, you need to provide mappings in the
639
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
640
- # paths visible to your users.
977
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
978
+ # EFS paths visible to your users.
641
979
  # @return [String]
642
980
  #
643
981
  # @!attribute [rw] home_directory_mappings
@@ -646,10 +984,10 @@ module Aws::Transfer
646
984
  # make them visible. You must specify the `Entry` and `Target` pair,
647
985
  # where `Entry` shows how the path is made visible and `Target` is the
648
986
  # actual Amazon S3 or Amazon EFS path. If you only specify a target,
649
- # it is displayed as is. You also must ensure that your Amazon Web
650
- # Services Identity and Access Management (IAM) role provides access
651
- # to paths in `Target`. This value can only be set when
652
- # `HomeDirectoryType` is set to *LOGICAL*.
987
+ # it is displayed as is. You also must ensure that your Identity and
988
+ # Access Management (IAM) role provides access to paths in `Target`.
989
+ # This value can be set only when `HomeDirectoryType` is set to
990
+ # *LOGICAL*.
653
991
  #
654
992
  # The following is an `Entry` and `Target` pair example.
655
993
  #
@@ -667,19 +1005,19 @@ module Aws::Transfer
667
1005
  # @return [Array<Types::HomeDirectoryMapEntry>]
668
1006
  #
669
1007
  # @!attribute [rw] policy
670
- # A session policy for your user so that you can use the same IAM role
671
- # across multiple users. This policy scopes down user access to
672
- # portions of their Amazon S3 bucket. Variables that you can use
673
- # inside this policy include `$\{Transfer:UserName\}`,
674
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
1008
+ # A session policy for your user so that you can use the same Identity
1009
+ # and Access Management (IAM) role across multiple users. This policy
1010
+ # scopes down a user's access to portions of their Amazon S3 bucket.
1011
+ # Variables that you can use inside this policy include
1012
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
1013
+ # `$\{Transfer:HomeBucket\}`.
675
1014
  #
676
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
677
- # use session policies.
1015
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
1016
+ # Amazon EFS does not use session policies.
678
1017
  #
679
- # For session policies, Amazon Web Services Transfer Family stores the
680
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
681
- # the policy. You save the policy as a JSON blob and pass it in the
682
- # `Policy` argument.
1018
+ # For session policies, Transfer Family stores the policy as a JSON
1019
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
1020
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
683
1021
  #
684
1022
  # For an example of a session policy, see [Example session policy][1].
685
1023
  #
@@ -704,14 +1042,14 @@ module Aws::Transfer
704
1042
  # @return [Types::PosixProfile]
705
1043
  #
706
1044
  # @!attribute [rw] role
707
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
708
- # controls your users' access to your Amazon S3 bucket or EFS file
709
- # system. The policies attached to this role determine the level of
710
- # access that you want to provide your users when transferring files
711
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
712
- # role should also contain a trust relationship that allows the server
713
- # to access your resources when servicing your users' transfer
714
- # requests.
1045
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
1046
+ # (IAM) role that controls your users' access to your Amazon S3
1047
+ # bucket or Amazon EFS file system. The policies attached to this role
1048
+ # determine the level of access that you want to provide your users
1049
+ # when transferring files into and out of your Amazon S3 bucket or
1050
+ # Amazon EFS file system. The IAM role should also contain a trust
1051
+ # relationship that allows the server to access your resources when
1052
+ # servicing your users' transfer requests.
715
1053
  # @return [String]
716
1054
  #
717
1055
  # @!attribute [rw] server_id
@@ -723,10 +1061,7 @@ module Aws::Transfer
723
1061
  # The public portion of the Secure Shell (SSH) key used to
724
1062
  # authenticate the user to the server.
725
1063
  #
726
- # <note markdown="1"> Currently, Transfer Family does not accept elliptical curve keys
727
- # (keys beginning with `ecdsa`).
728
- #
729
- # </note>
1064
+ # Transfer Family accepts RSA, ECDSA, and ED25519 keys.
730
1065
  # @return [String]
731
1066
  #
732
1067
  # @!attribute [rw] tags
@@ -881,20 +1216,20 @@ module Aws::Transfer
881
1216
  # The `TYPE` specifies which of the following actions is being taken
882
1217
  # for this step.
883
1218
  #
884
- # * *COPY*\: copy the file to another location
1219
+ # * *COPY*\: Copy the file to another location.
885
1220
  #
886
- # * *CUSTOM*\: custom step with a lambda target
1221
+ # * *CUSTOM*\: Perform a custom step with an Lambda function target.
887
1222
  #
888
- # * *DELETE*\: delete the file
1223
+ # * *DELETE*\: Delete the file.
889
1224
  #
890
- # * *TAG*\: add a tag to the file
1225
+ # * *TAG*\: Add a tag to the file.
891
1226
  #
892
1227
  # <note markdown="1"> Currently, copying and tagging are supported only on S3.
893
1228
  #
894
1229
  # </note>
895
1230
  #
896
1231
  # For file location, you specify either the S3 bucket and key, or the
897
- # EFS filesystem ID and path.
1232
+ # EFS file system ID and path.
898
1233
  # @return [Array<Types::WorkflowStep>]
899
1234
  #
900
1235
  # @!attribute [rw] on_exception_steps
@@ -1002,9 +1337,9 @@ module Aws::Transfer
1002
1337
  # A unique identifier that is required to identify specific groups
1003
1338
  # within your directory. The users of the group that you associate
1004
1339
  # have access to your Amazon S3 or Amazon EFS resources over the
1005
- # enabled protocols using Amazon Web Services Transfer Family. If you
1006
- # know the group name, you can view the SID values by running the
1007
- # following command using Windows PowerShell.
1340
+ # enabled protocols using Transfer Family. If you know the group name,
1341
+ # you can view the SID values by running the following command using
1342
+ # Windows PowerShell.
1008
1343
  #
1009
1344
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
1010
1345
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -1012,10 +1347,10 @@ module Aws::Transfer
1012
1347
  # In that command, replace *YourGroupName* with the name of your
1013
1348
  # Active Directory group.
1014
1349
  #
1015
- # The regex used to validate this parameter is a string of characters
1016
- # consisting of uppercase and lowercase alphanumeric characters with
1017
- # no spaces. You can also include underscores or any of the following
1018
- # characters: =,.@:/-
1350
+ # The regular expression used to validate this parameter is a string
1351
+ # of characters consisting of uppercase and lowercase alphanumeric
1352
+ # characters with no spaces. You can also include underscores or any
1353
+ # of the following characters: =,.@:/-
1019
1354
  # @return [String]
1020
1355
  #
1021
1356
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteAccessRequest AWS API Documentation
@@ -1027,6 +1362,89 @@ module Aws::Transfer
1027
1362
  include Aws::Structure
1028
1363
  end
1029
1364
 
1365
+ # @note When making an API call, you may pass DeleteAgreementRequest
1366
+ # data as a hash:
1367
+ #
1368
+ # {
1369
+ # agreement_id: "AgreementId", # required
1370
+ # server_id: "ServerId", # required
1371
+ # }
1372
+ #
1373
+ # @!attribute [rw] agreement_id
1374
+ # A unique identifier for the agreement. This identifier is returned
1375
+ # when you create an agreement.
1376
+ # @return [String]
1377
+ #
1378
+ # @!attribute [rw] server_id
1379
+ # The server ID associated with the agreement that you are deleting.
1380
+ # @return [String]
1381
+ #
1382
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteAgreementRequest AWS API Documentation
1383
+ #
1384
+ class DeleteAgreementRequest < Struct.new(
1385
+ :agreement_id,
1386
+ :server_id)
1387
+ SENSITIVE = []
1388
+ include Aws::Structure
1389
+ end
1390
+
1391
+ # @note When making an API call, you may pass DeleteCertificateRequest
1392
+ # data as a hash:
1393
+ #
1394
+ # {
1395
+ # certificate_id: "CertificateId", # required
1396
+ # }
1397
+ #
1398
+ # @!attribute [rw] certificate_id
1399
+ # The ID of the certificate object that you are deleting.
1400
+ # @return [String]
1401
+ #
1402
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteCertificateRequest AWS API Documentation
1403
+ #
1404
+ class DeleteCertificateRequest < Struct.new(
1405
+ :certificate_id)
1406
+ SENSITIVE = []
1407
+ include Aws::Structure
1408
+ end
1409
+
1410
+ # @note When making an API call, you may pass DeleteConnectorRequest
1411
+ # data as a hash:
1412
+ #
1413
+ # {
1414
+ # connector_id: "ConnectorId", # required
1415
+ # }
1416
+ #
1417
+ # @!attribute [rw] connector_id
1418
+ # The unique identifier for the connector.
1419
+ # @return [String]
1420
+ #
1421
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteConnectorRequest AWS API Documentation
1422
+ #
1423
+ class DeleteConnectorRequest < Struct.new(
1424
+ :connector_id)
1425
+ SENSITIVE = []
1426
+ include Aws::Structure
1427
+ end
1428
+
1429
+ # @note When making an API call, you may pass DeleteProfileRequest
1430
+ # data as a hash:
1431
+ #
1432
+ # {
1433
+ # profile_id: "ProfileId", # required
1434
+ # }
1435
+ #
1436
+ # @!attribute [rw] profile_id
1437
+ # The ID of the profile that you are deleting.
1438
+ # @return [String]
1439
+ #
1440
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteProfileRequest AWS API Documentation
1441
+ #
1442
+ class DeleteProfileRequest < Struct.new(
1443
+ :profile_id)
1444
+ SENSITIVE = []
1445
+ include Aws::Structure
1446
+ end
1447
+
1030
1448
  # @note When making an API call, you may pass DeleteServerRequest
1031
1449
  # data as a hash:
1032
1450
  #
@@ -1178,9 +1596,9 @@ module Aws::Transfer
1178
1596
  # A unique identifier that is required to identify specific groups
1179
1597
  # within your directory. The users of the group that you associate
1180
1598
  # have access to your Amazon S3 or Amazon EFS resources over the
1181
- # enabled protocols using Amazon Web Services Transfer Family. If you
1182
- # know the group name, you can view the SID values by running the
1183
- # following command using Windows PowerShell.
1599
+ # enabled protocols using Transfer Family. If you know the group name,
1600
+ # you can view the SID values by running the following command using
1601
+ # Windows PowerShell.
1184
1602
  #
1185
1603
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
1186
1604
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -1188,10 +1606,10 @@ module Aws::Transfer
1188
1606
  # In that command, replace *YourGroupName* with the name of your
1189
1607
  # Active Directory group.
1190
1608
  #
1191
- # The regex used to validate this parameter is a string of characters
1192
- # consisting of uppercase and lowercase alphanumeric characters with
1193
- # no spaces. You can also include underscores or any of the following
1194
- # characters: =,.@:/-
1609
+ # The regular expression used to validate this parameter is a string
1610
+ # of characters consisting of uppercase and lowercase alphanumeric
1611
+ # characters with no spaces. You can also include underscores or any
1612
+ # of the following characters: =,.@:/-
1195
1613
  # @return [String]
1196
1614
  #
1197
1615
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeAccessRequest AWS API Documentation
@@ -1221,48 +1639,181 @@ module Aws::Transfer
1221
1639
  include Aws::Structure
1222
1640
  end
1223
1641
 
1224
- # @note When making an API call, you may pass DescribeExecutionRequest
1642
+ # @note When making an API call, you may pass DescribeAgreementRequest
1225
1643
  # data as a hash:
1226
1644
  #
1227
1645
  # {
1228
- # execution_id: "ExecutionId", # required
1229
- # workflow_id: "WorkflowId", # required
1646
+ # agreement_id: "AgreementId", # required
1647
+ # server_id: "ServerId", # required
1230
1648
  # }
1231
1649
  #
1232
- # @!attribute [rw] execution_id
1233
- # A unique identifier for the execution of a workflow.
1650
+ # @!attribute [rw] agreement_id
1651
+ # A unique identifier for the agreement. This identifier is returned
1652
+ # when you create an agreement.
1234
1653
  # @return [String]
1235
1654
  #
1236
- # @!attribute [rw] workflow_id
1237
- # A unique identifier for the workflow.
1655
+ # @!attribute [rw] server_id
1656
+ # The server ID that's associated with the agreement.
1238
1657
  # @return [String]
1239
1658
  #
1240
- # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeExecutionRequest AWS API Documentation
1659
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeAgreementRequest AWS API Documentation
1241
1660
  #
1242
- class DescribeExecutionRequest < Struct.new(
1243
- :execution_id,
1244
- :workflow_id)
1661
+ class DescribeAgreementRequest < Struct.new(
1662
+ :agreement_id,
1663
+ :server_id)
1245
1664
  SENSITIVE = []
1246
1665
  include Aws::Structure
1247
1666
  end
1248
1667
 
1249
- # @!attribute [rw] workflow_id
1250
- # A unique identifier for the workflow.
1251
- # @return [String]
1252
- #
1253
- # @!attribute [rw] execution
1254
- # The structure that contains the details of the workflow' execution.
1255
- # @return [Types::DescribedExecution]
1668
+ # @!attribute [rw] agreement
1669
+ # The details for the specified agreement, returned as a
1670
+ # `DescribedAgreement` object.
1671
+ # @return [Types::DescribedAgreement]
1256
1672
  #
1257
- # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeExecutionResponse AWS API Documentation
1673
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeAgreementResponse AWS API Documentation
1258
1674
  #
1259
- class DescribeExecutionResponse < Struct.new(
1260
- :workflow_id,
1675
+ class DescribeAgreementResponse < Struct.new(
1676
+ :agreement)
1677
+ SENSITIVE = []
1678
+ include Aws::Structure
1679
+ end
1680
+
1681
+ # @note When making an API call, you may pass DescribeCertificateRequest
1682
+ # data as a hash:
1683
+ #
1684
+ # {
1685
+ # certificate_id: "CertificateId", # required
1686
+ # }
1687
+ #
1688
+ # @!attribute [rw] certificate_id
1689
+ # An array of identifiers for the imported certificates. You use this
1690
+ # identifier for working with profiles and partner profiles.
1691
+ # @return [String]
1692
+ #
1693
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeCertificateRequest AWS API Documentation
1694
+ #
1695
+ class DescribeCertificateRequest < Struct.new(
1696
+ :certificate_id)
1697
+ SENSITIVE = []
1698
+ include Aws::Structure
1699
+ end
1700
+
1701
+ # @!attribute [rw] certificate
1702
+ # The details for the specified certificate, returned as an object.
1703
+ # @return [Types::DescribedCertificate]
1704
+ #
1705
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeCertificateResponse AWS API Documentation
1706
+ #
1707
+ class DescribeCertificateResponse < Struct.new(
1708
+ :certificate)
1709
+ SENSITIVE = []
1710
+ include Aws::Structure
1711
+ end
1712
+
1713
+ # @note When making an API call, you may pass DescribeConnectorRequest
1714
+ # data as a hash:
1715
+ #
1716
+ # {
1717
+ # connector_id: "ConnectorId", # required
1718
+ # }
1719
+ #
1720
+ # @!attribute [rw] connector_id
1721
+ # The unique identifier for the connector.
1722
+ # @return [String]
1723
+ #
1724
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeConnectorRequest AWS API Documentation
1725
+ #
1726
+ class DescribeConnectorRequest < Struct.new(
1727
+ :connector_id)
1728
+ SENSITIVE = []
1729
+ include Aws::Structure
1730
+ end
1731
+
1732
+ # @!attribute [rw] connector
1733
+ # The structure that contains the details of the connector.
1734
+ # @return [Types::DescribedConnector]
1735
+ #
1736
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeConnectorResponse AWS API Documentation
1737
+ #
1738
+ class DescribeConnectorResponse < Struct.new(
1739
+ :connector)
1740
+ SENSITIVE = []
1741
+ include Aws::Structure
1742
+ end
1743
+
1744
+ # @note When making an API call, you may pass DescribeExecutionRequest
1745
+ # data as a hash:
1746
+ #
1747
+ # {
1748
+ # execution_id: "ExecutionId", # required
1749
+ # workflow_id: "WorkflowId", # required
1750
+ # }
1751
+ #
1752
+ # @!attribute [rw] execution_id
1753
+ # A unique identifier for the execution of a workflow.
1754
+ # @return [String]
1755
+ #
1756
+ # @!attribute [rw] workflow_id
1757
+ # A unique identifier for the workflow.
1758
+ # @return [String]
1759
+ #
1760
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeExecutionRequest AWS API Documentation
1761
+ #
1762
+ class DescribeExecutionRequest < Struct.new(
1763
+ :execution_id,
1764
+ :workflow_id)
1765
+ SENSITIVE = []
1766
+ include Aws::Structure
1767
+ end
1768
+
1769
+ # @!attribute [rw] workflow_id
1770
+ # A unique identifier for the workflow.
1771
+ # @return [String]
1772
+ #
1773
+ # @!attribute [rw] execution
1774
+ # The structure that contains the details of the workflow' execution.
1775
+ # @return [Types::DescribedExecution]
1776
+ #
1777
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeExecutionResponse AWS API Documentation
1778
+ #
1779
+ class DescribeExecutionResponse < Struct.new(
1780
+ :workflow_id,
1261
1781
  :execution)
1262
1782
  SENSITIVE = []
1263
1783
  include Aws::Structure
1264
1784
  end
1265
1785
 
1786
+ # @note When making an API call, you may pass DescribeProfileRequest
1787
+ # data as a hash:
1788
+ #
1789
+ # {
1790
+ # profile_id: "ProfileId", # required
1791
+ # }
1792
+ #
1793
+ # @!attribute [rw] profile_id
1794
+ # The identifier of the profile that you want described.
1795
+ # @return [String]
1796
+ #
1797
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeProfileRequest AWS API Documentation
1798
+ #
1799
+ class DescribeProfileRequest < Struct.new(
1800
+ :profile_id)
1801
+ SENSITIVE = []
1802
+ include Aws::Structure
1803
+ end
1804
+
1805
+ # @!attribute [rw] profile
1806
+ # The details of the specified profile, returned as an object.
1807
+ # @return [Types::DescribedProfile]
1808
+ #
1809
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeProfileResponse AWS API Documentation
1810
+ #
1811
+ class DescribeProfileResponse < Struct.new(
1812
+ :profile)
1813
+ SENSITIVE = []
1814
+ include Aws::Structure
1815
+ end
1816
+
1266
1817
  # @note When making an API call, you may pass DescribeSecurityPolicyRequest
1267
1818
  # data as a hash:
1268
1819
  #
@@ -1342,8 +1893,8 @@ module Aws::Transfer
1342
1893
  #
1343
1894
  # @!attribute [rw] user_name
1344
1895
  # The name of the user assigned to one or more servers. User names are
1345
- # part of the sign-in credentials to use the Amazon Web Services
1346
- # Transfer Family service and perform file transfer tasks.
1896
+ # part of the sign-in credentials to use the Transfer Family service
1897
+ # and perform file transfer tasks.
1347
1898
  # @return [String]
1348
1899
  #
1349
1900
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeUserRequest AWS API Documentation
@@ -1420,10 +1971,10 @@ module Aws::Transfer
1420
1971
  # make them visible. You must specify the `Entry` and `Target` pair,
1421
1972
  # where `Entry` shows how the path is made visible and `Target` is the
1422
1973
  # actual Amazon S3 or Amazon EFS path. If you only specify a target,
1423
- # it is displayed as is. You also must ensure that your Amazon Web
1424
- # Services Identity and Access Management (IAM) role provides access
1425
- # to paths in `Target`. This value can only be set when
1426
- # `HomeDirectoryType` is set to *LOGICAL*.
1974
+ # it is displayed as is. You also must ensure that your Identity and
1975
+ # Access Management (IAM) role provides access to paths in `Target`.
1976
+ # This value can be set only when `HomeDirectoryType` is set to
1977
+ # *LOGICAL*.
1427
1978
  #
1428
1979
  # In most cases, you can use this value instead of the session policy
1429
1980
  # to lock down the associated access to the designated home directory
@@ -1432,21 +1983,22 @@ module Aws::Transfer
1432
1983
  # @return [Array<Types::HomeDirectoryMapEntry>]
1433
1984
  #
1434
1985
  # @!attribute [rw] home_directory_type
1435
- # The type of landing directory (folder) you want your users' home
1436
- # directory to be when they log into the server. If you set it to
1437
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
1438
- # as is in their file transfer protocol clients. If you set it
1986
+ # The type of landing directory (folder) that you want your users'
1987
+ # home directory to be when they log in to the server. If you set it
1988
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
1989
+ # paths as is in their file transfer protocol clients. If you set it
1439
1990
  # `LOGICAL`, you need to provide mappings in the
1440
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
1441
- # paths visible to your users.
1991
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
1992
+ # EFS paths visible to your users.
1442
1993
  # @return [String]
1443
1994
  #
1444
1995
  # @!attribute [rw] policy
1445
- # A session policy for your user so that you can use the same IAM role
1446
- # across multiple users. This policy scopes down user access to
1447
- # portions of their Amazon S3 bucket. Variables that you can use
1448
- # inside this policy include `$\{Transfer:UserName\}`,
1449
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
1996
+ # A session policy for your user so that you can use the same Identity
1997
+ # and Access Management (IAM) role across multiple users. This policy
1998
+ # scopes down a user's access to portions of their Amazon S3 bucket.
1999
+ # Variables that you can use inside this policy include
2000
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
2001
+ # `$\{Transfer:HomeBucket\}`.
1450
2002
  # @return [String]
1451
2003
  #
1452
2004
  # @!attribute [rw] posix_profile
@@ -1459,23 +2011,23 @@ module Aws::Transfer
1459
2011
  # @return [Types::PosixProfile]
1460
2012
  #
1461
2013
  # @!attribute [rw] role
1462
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
1463
- # controls your users' access to your Amazon S3 bucket or EFS file
1464
- # system. The policies attached to this role determine the level of
1465
- # access that you want to provide your users when transferring files
1466
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
1467
- # role should also contain a trust relationship that allows the server
1468
- # to access your resources when servicing your users' transfer
1469
- # requests.
2014
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
2015
+ # (IAM) role that controls your users' access to your Amazon S3
2016
+ # bucket or Amazon EFS file system. The policies attached to this role
2017
+ # determine the level of access that you want to provide your users
2018
+ # when transferring files into and out of your Amazon S3 bucket or
2019
+ # Amazon EFS file system. The IAM role should also contain a trust
2020
+ # relationship that allows the server to access your resources when
2021
+ # servicing your users' transfer requests.
1470
2022
  # @return [String]
1471
2023
  #
1472
2024
  # @!attribute [rw] external_id
1473
2025
  # A unique identifier that is required to identify specific groups
1474
2026
  # within your directory. The users of the group that you associate
1475
2027
  # have access to your Amazon S3 or Amazon EFS resources over the
1476
- # enabled protocols using Amazon Web Services Transfer Family. If you
1477
- # know the group name, you can view the SID values by running the
1478
- # following command using Windows PowerShell.
2028
+ # enabled protocols using Transfer Family. If you know the group name,
2029
+ # you can view the SID values by running the following command using
2030
+ # Windows PowerShell.
1479
2031
  #
1480
2032
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
1481
2033
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -1483,10 +2035,10 @@ module Aws::Transfer
1483
2035
  # In that command, replace *YourGroupName* with the name of your
1484
2036
  # Active Directory group.
1485
2037
  #
1486
- # The regex used to validate this parameter is a string of characters
1487
- # consisting of uppercase and lowercase alphanumeric characters with
1488
- # no spaces. You can also include underscores or any of the following
1489
- # characters: =,.@:/-
2038
+ # The regular expression used to validate this parameter is a string
2039
+ # of characters consisting of uppercase and lowercase alphanumeric
2040
+ # characters with no spaces. You can also include underscores or any
2041
+ # of the following characters: =,.@:/-
1490
2042
  # @return [String]
1491
2043
  #
1492
2044
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedAccess AWS API Documentation
@@ -1503,6 +2055,217 @@ module Aws::Transfer
1503
2055
  include Aws::Structure
1504
2056
  end
1505
2057
 
2058
+ # Describes the properties of an agreement.
2059
+ #
2060
+ # @!attribute [rw] arn
2061
+ # The unique Amazon Resource Name (ARN) for the agreement.
2062
+ # @return [String]
2063
+ #
2064
+ # @!attribute [rw] agreement_id
2065
+ # A unique identifier for the agreement. This identifier is returned
2066
+ # when you create an agreement.
2067
+ # @return [String]
2068
+ #
2069
+ # @!attribute [rw] description
2070
+ # The name or short description that's used to identify the
2071
+ # agreement.
2072
+ # @return [String]
2073
+ #
2074
+ # @!attribute [rw] status
2075
+ # The current status of the agreement, either `ACTIVE` or `INACTIVE`.
2076
+ # @return [String]
2077
+ #
2078
+ # @!attribute [rw] server_id
2079
+ # A system-assigned unique identifier for a server instance. This
2080
+ # identifier indicates the specific server that the agreement uses.
2081
+ # @return [String]
2082
+ #
2083
+ # @!attribute [rw] local_profile_id
2084
+ # A unique identifier for the AS2 process.
2085
+ # @return [String]
2086
+ #
2087
+ # @!attribute [rw] partner_profile_id
2088
+ # A unique identifier for the partner in the agreement.
2089
+ # @return [String]
2090
+ #
2091
+ # @!attribute [rw] base_directory
2092
+ # The landing directory (folder) for files that are transferred by
2093
+ # using the AS2 protocol.
2094
+ # @return [String]
2095
+ #
2096
+ # @!attribute [rw] access_role
2097
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
2098
+ # (IAM) role that grants access to at least the `HomeDirectory` of
2099
+ # your users' Amazon S3 buckets.
2100
+ # @return [String]
2101
+ #
2102
+ # @!attribute [rw] tags
2103
+ # Key-value pairs that can be used to group and search for agreements.
2104
+ # @return [Array<Types::Tag>]
2105
+ #
2106
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedAgreement AWS API Documentation
2107
+ #
2108
+ class DescribedAgreement < Struct.new(
2109
+ :arn,
2110
+ :agreement_id,
2111
+ :description,
2112
+ :status,
2113
+ :server_id,
2114
+ :local_profile_id,
2115
+ :partner_profile_id,
2116
+ :base_directory,
2117
+ :access_role,
2118
+ :tags)
2119
+ SENSITIVE = []
2120
+ include Aws::Structure
2121
+ end
2122
+
2123
+ # Describes the properties of a certificate.
2124
+ #
2125
+ # @!attribute [rw] arn
2126
+ # The unique Amazon Resource Name (ARN) for the certificate.
2127
+ # @return [String]
2128
+ #
2129
+ # @!attribute [rw] certificate_id
2130
+ # An array of identifiers for the imported certificates. You use this
2131
+ # identifier for working with profiles and partner profiles.
2132
+ # @return [String]
2133
+ #
2134
+ # @!attribute [rw] usage
2135
+ # Specifies whether this certificate is used for signing or
2136
+ # encryption.
2137
+ # @return [String]
2138
+ #
2139
+ # @!attribute [rw] status
2140
+ # The certificate can be either `ACTIVE`, `PENDING_ROTATION`, or
2141
+ # `INACTIVE`. `PENDING_ROTATION` means that this certificate will
2142
+ # replace the current certificate when it expires.
2143
+ # @return [String]
2144
+ #
2145
+ # @!attribute [rw] certificate
2146
+ # The file name for the certificate.
2147
+ # @return [String]
2148
+ #
2149
+ # @!attribute [rw] certificate_chain
2150
+ # The list of certificates that make up the chain for the certificate.
2151
+ # @return [String]
2152
+ #
2153
+ # @!attribute [rw] active_date
2154
+ # An optional date that specifies when the certificate becomes active.
2155
+ # @return [Time]
2156
+ #
2157
+ # @!attribute [rw] inactive_date
2158
+ # An optional date that specifies when the certificate becomes
2159
+ # inactive.
2160
+ # @return [Time]
2161
+ #
2162
+ # @!attribute [rw] serial
2163
+ # The serial number for the certificate.
2164
+ # @return [String]
2165
+ #
2166
+ # @!attribute [rw] not_before_date
2167
+ # The earliest date that the certificate is valid.
2168
+ # @return [Time]
2169
+ #
2170
+ # @!attribute [rw] not_after_date
2171
+ # The final date that the certificate is valid.
2172
+ # @return [Time]
2173
+ #
2174
+ # @!attribute [rw] type
2175
+ # If a private key has been specified for the certificate, its type is
2176
+ # `CERTIFICATE_WITH_PRIVATE_KEY`. If there is no private key, the type
2177
+ # is `CERTIFICATE`.
2178
+ # @return [String]
2179
+ #
2180
+ # @!attribute [rw] description
2181
+ # The name or description that's used to identity the certificate.
2182
+ # @return [String]
2183
+ #
2184
+ # @!attribute [rw] tags
2185
+ # Key-value pairs that can be used to group and search for
2186
+ # certificates.
2187
+ # @return [Array<Types::Tag>]
2188
+ #
2189
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedCertificate AWS API Documentation
2190
+ #
2191
+ class DescribedCertificate < Struct.new(
2192
+ :arn,
2193
+ :certificate_id,
2194
+ :usage,
2195
+ :status,
2196
+ :certificate,
2197
+ :certificate_chain,
2198
+ :active_date,
2199
+ :inactive_date,
2200
+ :serial,
2201
+ :not_before_date,
2202
+ :not_after_date,
2203
+ :type,
2204
+ :description,
2205
+ :tags)
2206
+ SENSITIVE = [:certificate, :certificate_chain]
2207
+ include Aws::Structure
2208
+ end
2209
+
2210
+ # Describes the parameters for the connector, as identified by the
2211
+ # `ConnectorId`.
2212
+ #
2213
+ # @!attribute [rw] arn
2214
+ # The unique Amazon Resource Name (ARN) for the connector.
2215
+ # @return [String]
2216
+ #
2217
+ # @!attribute [rw] connector_id
2218
+ # The unique identifier for the connector.
2219
+ # @return [String]
2220
+ #
2221
+ # @!attribute [rw] url
2222
+ # The URL of the partner's AS2 endpoint.
2223
+ # @return [String]
2224
+ #
2225
+ # @!attribute [rw] as_2_config
2226
+ # A structure that contains the parameters for a connector object.
2227
+ # @return [Types::As2ConnectorConfig]
2228
+ #
2229
+ # @!attribute [rw] access_role
2230
+ # With AS2, you can send files by calling `StartFileTransfer` and
2231
+ # specifying the file paths in the request parameter, `SendFilePaths`.
2232
+ # We use the file’s parent directory (for example, for
2233
+ # `--send-file-paths /bucket/dir/file.txt`, parent directory is
2234
+ # `/bucket/dir/`) to temporarily store a processed AS2 message file,
2235
+ # store the MDN when we receive them from the partner, and write a
2236
+ # final JSON file containing relevant metadata of the transmission.
2237
+ # So, the `AccessRole` needs to provide read and write access to the
2238
+ # parent directory of the file location used in the
2239
+ # `StartFileTransfer` request. Additionally, you need to provide read
2240
+ # and write access to the parent directory of the files that you
2241
+ # intend to send with `StartFileTransfer`.
2242
+ # @return [String]
2243
+ #
2244
+ # @!attribute [rw] logging_role
2245
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
2246
+ # (IAM) role that allows a connector to turn on CloudWatch logging for
2247
+ # Amazon S3 events. When set, you can view connector activity in your
2248
+ # CloudWatch logs.
2249
+ # @return [String]
2250
+ #
2251
+ # @!attribute [rw] tags
2252
+ # Key-value pairs that can be used to group and search for connectors.
2253
+ # @return [Array<Types::Tag>]
2254
+ #
2255
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedConnector AWS API Documentation
2256
+ #
2257
+ class DescribedConnector < Struct.new(
2258
+ :arn,
2259
+ :connector_id,
2260
+ :url,
2261
+ :as_2_config,
2262
+ :access_role,
2263
+ :logging_role,
2264
+ :tags)
2265
+ SENSITIVE = []
2266
+ include Aws::Structure
2267
+ end
2268
+
1506
2269
  # The details for an execution object.
1507
2270
  #
1508
2271
  # @!attribute [rw] execution_id
@@ -1517,8 +2280,8 @@ module Aws::Transfer
1517
2280
  # @return [Types::FileLocation]
1518
2281
  #
1519
2282
  # @!attribute [rw] service_metadata
1520
- # A container object for the session details associated with a
1521
- # workflow.
2283
+ # A container object for the session details that are associated with
2284
+ # a workflow.
1522
2285
  # @return [Types::ServiceMetadata]
1523
2286
  #
1524
2287
  # @!attribute [rw] execution_role
@@ -1564,6 +2327,48 @@ module Aws::Transfer
1564
2327
  include Aws::Structure
1565
2328
  end
1566
2329
 
2330
+ # The details for a local or partner AS2 profile. profile.
2331
+ #
2332
+ # @!attribute [rw] arn
2333
+ # The unique Amazon Resource Name (ARN) for the profile.
2334
+ # @return [String]
2335
+ #
2336
+ # @!attribute [rw] profile_id
2337
+ # A unique identifier for the local or partner AS2 profile.
2338
+ # @return [String]
2339
+ #
2340
+ # @!attribute [rw] profile_type
2341
+ # Indicates whether to list only `LOCAL` type profiles or only
2342
+ # `PARTNER` type profiles. If not supplied in the request, the command
2343
+ # lists all types of profiles.
2344
+ # @return [String]
2345
+ #
2346
+ # @!attribute [rw] as_2_id
2347
+ # The unique identifier for the AS2 process.
2348
+ # @return [String]
2349
+ #
2350
+ # @!attribute [rw] certificate_ids
2351
+ # An array of identifiers for the imported certificates. You use this
2352
+ # identifier for working with profiles and partner profiles.
2353
+ # @return [Array<String>]
2354
+ #
2355
+ # @!attribute [rw] tags
2356
+ # Key-value pairs that can be used to group and search for profiles.
2357
+ # @return [Array<Types::Tag>]
2358
+ #
2359
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedProfile AWS API Documentation
2360
+ #
2361
+ class DescribedProfile < Struct.new(
2362
+ :arn,
2363
+ :profile_id,
2364
+ :profile_type,
2365
+ :as_2_id,
2366
+ :certificate_ids,
2367
+ :tags)
2368
+ SENSITIVE = []
2369
+ include Aws::Structure
2370
+ end
2371
+
1567
2372
  # Describes the properties of a security policy that was specified. For
1568
2373
  # more information about security policies, see [Working with security
1569
2374
  # policies][1].
@@ -1633,8 +2438,8 @@ module Aws::Transfer
1633
2438
  # The protocol settings that are configured for your server.
1634
2439
  #
1635
2440
  # Use the `PassiveIp` parameter to indicate passive mode. Enter a
1636
- # single dotted-quad IPv4 address, such as the external IP address of
1637
- # a firewall, router, or load balancer.
2441
+ # single IPv4 address, such as the public IP address of a firewall,
2442
+ # router, or load balancer.
1638
2443
  # @return [Types::ProtocolDetails]
1639
2444
  #
1640
2445
  # @!attribute [rw] domain
@@ -1645,10 +2450,10 @@ module Aws::Transfer
1645
2450
  # @!attribute [rw] endpoint_details
1646
2451
  # The virtual private cloud (VPC) endpoint settings that are
1647
2452
  # configured for your server. When you host your endpoint within your
1648
- # VPC, you can make it accessible only to resources within your VPC,
1649
- # or you can attach Elastic IP addresses and make it accessible to
1650
- # clients over the internet. Your VPC's default security groups are
1651
- # automatically assigned to your endpoint.
2453
+ # VPC, you can make your endpoint accessible only to resources within
2454
+ # your VPC, or you can attach Elastic IP addresses and make your
2455
+ # endpoint accessible to clients over the internet. Your VPC's
2456
+ # default security groups are automatically assigned to your endpoint.
1652
2457
  # @return [Types::EndpointDetails]
1653
2458
  #
1654
2459
  # @!attribute [rw] endpoint_type
@@ -1670,38 +2475,37 @@ module Aws::Transfer
1670
2475
  # @return [Types::IdentityProviderDetails]
1671
2476
  #
1672
2477
  # @!attribute [rw] identity_provider_type
1673
- # Specifies the mode of authentication for a server. The default value
1674
- # is `SERVICE_MANAGED`, which allows you to store and access user
1675
- # credentials within the Amazon Web Services Transfer Family service.
2478
+ # The mode of authentication for a server. The default value is
2479
+ # `SERVICE_MANAGED`, which allows you to store and access user
2480
+ # credentials within the Transfer Family service.
1676
2481
  #
1677
2482
  # Use `AWS_DIRECTORY_SERVICE` to provide access to Active Directory
1678
- # groups in Amazon Web Services Managed Active Directory or Microsoft
1679
- # Active Directory in your on-premises environment or in Amazon Web
1680
- # Services using AD Connectors. This option also requires you to
1681
- # provide a Directory ID using the `IdentityProviderDetails`
2483
+ # groups in Directory Service for Microsoft Active Directory or
2484
+ # Microsoft Active Directory in your on-premises environment or in
2485
+ # Amazon Web Services using AD Connector. This option also requires
2486
+ # you to provide a Directory ID by using the `IdentityProviderDetails`
1682
2487
  # parameter.
1683
2488
  #
1684
2489
  # Use the `API_GATEWAY` value to integrate with an identity provider
1685
2490
  # of your choosing. The `API_GATEWAY` setting requires you to provide
1686
- # an API Gateway endpoint URL to call for authentication using the
1687
- # `IdentityProviderDetails` parameter.
2491
+ # an Amazon API Gateway endpoint URL to call for authentication by
2492
+ # using the `IdentityProviderDetails` parameter.
1688
2493
  #
1689
- # Use the `AWS_LAMBDA` value to directly use a Lambda function as your
1690
- # identity provider. If you choose this value, you must specify the
1691
- # ARN for the lambda function in the `Function` parameter for the
2494
+ # Use the `AWS_LAMBDA` value to directly use an Lambda function as
2495
+ # your identity provider. If you choose this value, you must specify
2496
+ # the ARN for the Lambda function in the `Function` parameter or the
1692
2497
  # `IdentityProviderDetails` data type.
1693
2498
  # @return [String]
1694
2499
  #
1695
2500
  # @!attribute [rw] logging_role
1696
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
1697
- # Identity and Access Management (IAM) role that allows a server to
1698
- # turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS
1699
- # events. When set, user activity can be viewed in your CloudWatch
1700
- # logs.
2501
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
2502
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
2503
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
2504
+ # activity in your CloudWatch logs.
1701
2505
  # @return [String]
1702
2506
  #
1703
2507
  # @!attribute [rw] post_authentication_login_banner
1704
- # Specify a string to display when users connect to a server. This
2508
+ # Specifies a string to display when users connect to a server. This
1705
2509
  # string is displayed after the user authenticates.
1706
2510
  #
1707
2511
  # <note markdown="1"> The SFTP protocol does not support post-authentication display
@@ -1711,9 +2515,9 @@ module Aws::Transfer
1711
2515
  # @return [String]
1712
2516
  #
1713
2517
  # @!attribute [rw] pre_authentication_login_banner
1714
- # Specify a string to display when users connect to a server. This
2518
+ # Specifies a string to display when users connect to a server. This
1715
2519
  # string is displayed before the user authenticates. For example, the
1716
- # following banner displays details about using the system.
2520
+ # following banner displays details about using the system:
1717
2521
  #
1718
2522
  # `This system is for the use of authorized users only. Individuals
1719
2523
  # using this computer system without authority, or in excess of their
@@ -1746,10 +2550,10 @@ module Aws::Transfer
1746
2550
  # @return [String]
1747
2551
  #
1748
2552
  # @!attribute [rw] state
1749
- # Specifies the condition of a server for the server that was
1750
- # described. A value of `ONLINE` indicates that the server can accept
1751
- # jobs and transfer files. A `State` value of `OFFLINE` means that the
1752
- # server cannot perform file transfer operations.
2553
+ # The condition of the server that was described. A value of `ONLINE`
2554
+ # indicates that the server can accept jobs and transfer files. A
2555
+ # `State` value of `OFFLINE` means that the server cannot perform file
2556
+ # transfer operations.
1753
2557
  #
1754
2558
  # The states of `STARTING` and `STOPPING` indicate that the server is
1755
2559
  # in an intermediate state, either not fully able to respond, or not
@@ -1769,7 +2573,7 @@ module Aws::Transfer
1769
2573
  #
1770
2574
  # @!attribute [rw] workflow_details
1771
2575
  # Specifies the workflow ID for the workflow to assign and the
1772
- # execution role used for executing the workflow.
2576
+ # execution role that's used for executing the workflow.
1773
2577
  # @return [Types::WorkflowDetails]
1774
2578
  #
1775
2579
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedServer AWS API Documentation
@@ -1818,10 +2622,10 @@ module Aws::Transfer
1818
2622
  # make them visible. You must specify the `Entry` and `Target` pair,
1819
2623
  # where `Entry` shows how the path is made visible and `Target` is the
1820
2624
  # actual Amazon S3 or Amazon EFS path. If you only specify a target,
1821
- # it is displayed as is. You also must ensure that your Amazon Web
1822
- # Services Identity and Access Management (IAM) role provides access
1823
- # to paths in `Target`. This value can only be set when
1824
- # `HomeDirectoryType` is set to *LOGICAL*.
2625
+ # it is displayed as is. You also must ensure that your Identity and
2626
+ # Access Management (IAM) role provides access to paths in `Target`.
2627
+ # This value can be set only when `HomeDirectoryType` is set to
2628
+ # *LOGICAL*.
1825
2629
  #
1826
2630
  # In most cases, you can use this value instead of the session policy
1827
2631
  # to lock your user down to the designated home directory
@@ -1830,21 +2634,22 @@ module Aws::Transfer
1830
2634
  # @return [Array<Types::HomeDirectoryMapEntry>]
1831
2635
  #
1832
2636
  # @!attribute [rw] home_directory_type
1833
- # The type of landing directory (folder) you want your users' home
1834
- # directory to be when they log into the server. If you set it to
1835
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
1836
- # as is in their file transfer protocol clients. If you set it
2637
+ # The type of landing directory (folder) that you want your users'
2638
+ # home directory to be when they log in to the server. If you set it
2639
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
2640
+ # paths as is in their file transfer protocol clients. If you set it
1837
2641
  # `LOGICAL`, you need to provide mappings in the
1838
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
1839
- # paths visible to your users.
2642
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
2643
+ # EFS paths visible to your users.
1840
2644
  # @return [String]
1841
2645
  #
1842
2646
  # @!attribute [rw] policy
1843
- # A session policy for your user so that you can use the same IAM role
1844
- # across multiple users. This policy scopes down user access to
1845
- # portions of their Amazon S3 bucket. Variables that you can use
1846
- # inside this policy include `$\{Transfer:UserName\}`,
1847
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
2647
+ # A session policy for your user so that you can use the same Identity
2648
+ # and Access Management (IAM) role across multiple users. This policy
2649
+ # scopes down a user's access to portions of their Amazon S3 bucket.
2650
+ # Variables that you can use inside this policy include
2651
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
2652
+ # `$\{Transfer:HomeBucket\}`.
1848
2653
  # @return [String]
1849
2654
  #
1850
2655
  # @!attribute [rw] posix_profile
@@ -1858,14 +2663,14 @@ module Aws::Transfer
1858
2663
  # @return [Types::PosixProfile]
1859
2664
  #
1860
2665
  # @!attribute [rw] role
1861
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
1862
- # controls your users' access to your Amazon S3 bucket or EFS file
1863
- # system. The policies attached to this role determine the level of
1864
- # access that you want to provide your users when transferring files
1865
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
1866
- # role should also contain a trust relationship that allows the server
1867
- # to access your resources when servicing your users' transfer
1868
- # requests.
2666
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
2667
+ # (IAM) role that controls your users' access to your Amazon S3
2668
+ # bucket or Amazon EFS file system. The policies attached to this role
2669
+ # determine the level of access that you want to provide your users
2670
+ # when transferring files into and out of your Amazon S3 bucket or
2671
+ # Amazon EFS file system. The IAM role should also contain a trust
2672
+ # relationship that allows the server to access your resources when
2673
+ # servicing your users' transfer requests.
1869
2674
  # @return [String]
1870
2675
  #
1871
2676
  # @!attribute [rw] ssh_public_keys
@@ -2150,13 +2955,13 @@ module Aws::Transfer
2150
2955
  # @!attribute [rw] step_type
2151
2956
  # One of the available step types.
2152
2957
  #
2153
- # * *COPY*\: copy the file to another location
2958
+ # * *COPY*\: Copy the file to another location.
2154
2959
  #
2155
- # * *CUSTOM*\: custom step with a lambda target
2960
+ # * *CUSTOM*\: Perform a custom step with an Lambda function target.
2156
2961
  #
2157
- # * *DELETE*\: delete the file
2962
+ # * *DELETE*\: Delete the file.
2158
2963
  #
2159
- # * *TAG*\: add a tag to the file
2964
+ # * *TAG*\: Add a tag to the file.
2160
2965
  # @return [String]
2161
2966
  #
2162
2967
  # @!attribute [rw] outputs
@@ -2166,7 +2971,7 @@ module Aws::Transfer
2166
2971
  #
2167
2972
  # @!attribute [rw] error
2168
2973
  # Specifies the details for an error, if it occurred during execution
2169
- # of the specified workfow step.
2974
+ # of the specified workflow step.
2170
2975
  # @return [Types::ExecutionError]
2171
2976
  #
2172
2977
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ExecutionStepResult AWS API Documentation
@@ -2183,7 +2988,7 @@ module Aws::Transfer
2183
2988
  #
2184
2989
  # @!attribute [rw] s3_file_location
2185
2990
  # Specifies the S3 details for the file being used, such as bucket,
2186
- # Etag, and so forth.
2991
+ # ETag, and so forth.
2187
2992
  # @return [Types::S3FileLocation]
2188
2993
  #
2189
2994
  # @!attribute [rw] efs_file_location
@@ -2256,8 +3061,8 @@ module Aws::Transfer
2256
3061
  # @return [String]
2257
3062
  #
2258
3063
  # @!attribute [rw] directory_id
2259
- # The identifier of the Amazon Web Services Directory Service
2260
- # directory that you want to stop sharing.
3064
+ # The identifier of the Directory Service directory that you want to
3065
+ # stop sharing.
2261
3066
  # @return [String]
2262
3067
  #
2263
3068
  # @!attribute [rw] function
@@ -2275,6 +3080,90 @@ module Aws::Transfer
2275
3080
  include Aws::Structure
2276
3081
  end
2277
3082
 
3083
+ # @note When making an API call, you may pass ImportCertificateRequest
3084
+ # data as a hash:
3085
+ #
3086
+ # {
3087
+ # usage: "SIGNING", # required, accepts SIGNING, ENCRYPTION
3088
+ # certificate: "CertificateBodyType", # required
3089
+ # certificate_chain: "CertificateChainType",
3090
+ # private_key: "PrivateKeyType",
3091
+ # active_date: Time.now,
3092
+ # inactive_date: Time.now,
3093
+ # description: "Description",
3094
+ # tags: [
3095
+ # {
3096
+ # key: "TagKey", # required
3097
+ # value: "TagValue", # required
3098
+ # },
3099
+ # ],
3100
+ # }
3101
+ #
3102
+ # @!attribute [rw] usage
3103
+ # Specifies whether this certificate is used for signing or
3104
+ # encryption.
3105
+ # @return [String]
3106
+ #
3107
+ # @!attribute [rw] certificate
3108
+ # The file that contains the certificate to import.
3109
+ # @return [String]
3110
+ #
3111
+ # @!attribute [rw] certificate_chain
3112
+ # An optional list of certificates that make up the chain for the
3113
+ # certificate that's being imported.
3114
+ # @return [String]
3115
+ #
3116
+ # @!attribute [rw] private_key
3117
+ # The file that contains the private key for the certificate that's
3118
+ # being imported.
3119
+ # @return [String]
3120
+ #
3121
+ # @!attribute [rw] active_date
3122
+ # An optional date that specifies when the certificate becomes active.
3123
+ # @return [Time]
3124
+ #
3125
+ # @!attribute [rw] inactive_date
3126
+ # An optional date that specifies when the certificate becomes
3127
+ # inactive.
3128
+ # @return [Time]
3129
+ #
3130
+ # @!attribute [rw] description
3131
+ # A short description that helps identify the certificate.
3132
+ # @return [String]
3133
+ #
3134
+ # @!attribute [rw] tags
3135
+ # Key-value pairs that can be used to group and search for
3136
+ # certificates.
3137
+ # @return [Array<Types::Tag>]
3138
+ #
3139
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ImportCertificateRequest AWS API Documentation
3140
+ #
3141
+ class ImportCertificateRequest < Struct.new(
3142
+ :usage,
3143
+ :certificate,
3144
+ :certificate_chain,
3145
+ :private_key,
3146
+ :active_date,
3147
+ :inactive_date,
3148
+ :description,
3149
+ :tags)
3150
+ SENSITIVE = [:certificate, :certificate_chain, :private_key]
3151
+ include Aws::Structure
3152
+ end
3153
+
3154
+ # @!attribute [rw] certificate_id
3155
+ # An array of identifiers for the imported certificates. You use this
3156
+ # identifier for working with profiles and partner profiles.
3157
+ # @return [String]
3158
+ #
3159
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ImportCertificateResponse AWS API Documentation
3160
+ #
3161
+ class ImportCertificateResponse < Struct.new(
3162
+ :certificate_id)
3163
+ SENSITIVE = []
3164
+ include Aws::Structure
3165
+ end
3166
+
2278
3167
  # @note When making an API call, you may pass ImportSshPublicKeyRequest
2279
3168
  # data as a hash:
2280
3169
  #
@@ -2290,6 +3179,8 @@ module Aws::Transfer
2290
3179
  #
2291
3180
  # @!attribute [rw] ssh_public_key_body
2292
3181
  # The public key portion of an SSH key pair.
3182
+ #
3183
+ # Transfer Family accepts RSA, ECDSA, and ED25519 keys.
2293
3184
  # @return [String]
2294
3185
  #
2295
3186
  # @!attribute [rw] user_name
@@ -2469,6 +3360,154 @@ module Aws::Transfer
2469
3360
  include Aws::Structure
2470
3361
  end
2471
3362
 
3363
+ # @note When making an API call, you may pass ListAgreementsRequest
3364
+ # data as a hash:
3365
+ #
3366
+ # {
3367
+ # max_results: 1,
3368
+ # next_token: "NextToken",
3369
+ # server_id: "ServerId", # required
3370
+ # }
3371
+ #
3372
+ # @!attribute [rw] max_results
3373
+ # The maximum number of agreements to return.
3374
+ # @return [Integer]
3375
+ #
3376
+ # @!attribute [rw] next_token
3377
+ # When you can get additional results from the `ListAgreements` call,
3378
+ # a `NextToken` parameter is returned in the output. You can then pass
3379
+ # in a subsequent command to the `NextToken` parameter to continue
3380
+ # listing additional agreements.
3381
+ # @return [String]
3382
+ #
3383
+ # @!attribute [rw] server_id
3384
+ # The identifier of the server for which you want a list of
3385
+ # agreements.
3386
+ # @return [String]
3387
+ #
3388
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListAgreementsRequest AWS API Documentation
3389
+ #
3390
+ class ListAgreementsRequest < Struct.new(
3391
+ :max_results,
3392
+ :next_token,
3393
+ :server_id)
3394
+ SENSITIVE = []
3395
+ include Aws::Structure
3396
+ end
3397
+
3398
+ # @!attribute [rw] next_token
3399
+ # Returns a token that you can use to call `ListAgreements` again and
3400
+ # receive additional results, if there are any.
3401
+ # @return [String]
3402
+ #
3403
+ # @!attribute [rw] agreements
3404
+ # Returns an array, where each item contains the details of an
3405
+ # agreement.
3406
+ # @return [Array<Types::ListedAgreement>]
3407
+ #
3408
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListAgreementsResponse AWS API Documentation
3409
+ #
3410
+ class ListAgreementsResponse < Struct.new(
3411
+ :next_token,
3412
+ :agreements)
3413
+ SENSITIVE = []
3414
+ include Aws::Structure
3415
+ end
3416
+
3417
+ # @note When making an API call, you may pass ListCertificatesRequest
3418
+ # data as a hash:
3419
+ #
3420
+ # {
3421
+ # max_results: 1,
3422
+ # next_token: "NextToken",
3423
+ # }
3424
+ #
3425
+ # @!attribute [rw] max_results
3426
+ # The maximum number of certificates to return.
3427
+ # @return [Integer]
3428
+ #
3429
+ # @!attribute [rw] next_token
3430
+ # When you can get additional results from the `ListCertificates`
3431
+ # call, a `NextToken` parameter is returned in the output. You can
3432
+ # then pass in a subsequent command to the `NextToken` parameter to
3433
+ # continue listing additional certificates.
3434
+ # @return [String]
3435
+ #
3436
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListCertificatesRequest AWS API Documentation
3437
+ #
3438
+ class ListCertificatesRequest < Struct.new(
3439
+ :max_results,
3440
+ :next_token)
3441
+ SENSITIVE = []
3442
+ include Aws::Structure
3443
+ end
3444
+
3445
+ # @!attribute [rw] next_token
3446
+ # Returns the next token, which you can use to list the next
3447
+ # certificate.
3448
+ # @return [String]
3449
+ #
3450
+ # @!attribute [rw] certificates
3451
+ # Returns an array of the certificates that are specified in the
3452
+ # `ListCertificates` call.
3453
+ # @return [Array<Types::ListedCertificate>]
3454
+ #
3455
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListCertificatesResponse AWS API Documentation
3456
+ #
3457
+ class ListCertificatesResponse < Struct.new(
3458
+ :next_token,
3459
+ :certificates)
3460
+ SENSITIVE = []
3461
+ include Aws::Structure
3462
+ end
3463
+
3464
+ # @note When making an API call, you may pass ListConnectorsRequest
3465
+ # data as a hash:
3466
+ #
3467
+ # {
3468
+ # max_results: 1,
3469
+ # next_token: "NextToken",
3470
+ # }
3471
+ #
3472
+ # @!attribute [rw] max_results
3473
+ # The maximum number of connectors to return.
3474
+ # @return [Integer]
3475
+ #
3476
+ # @!attribute [rw] next_token
3477
+ # When you can get additional results from the `ListConnectors` call,
3478
+ # a `NextToken` parameter is returned in the output. You can then pass
3479
+ # in a subsequent command to the `NextToken` parameter to continue
3480
+ # listing additional connectors.
3481
+ # @return [String]
3482
+ #
3483
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListConnectorsRequest AWS API Documentation
3484
+ #
3485
+ class ListConnectorsRequest < Struct.new(
3486
+ :max_results,
3487
+ :next_token)
3488
+ SENSITIVE = []
3489
+ include Aws::Structure
3490
+ end
3491
+
3492
+ # @!attribute [rw] next_token
3493
+ # Returns a token that you can use to call `ListConnectors` again and
3494
+ # receive additional results, if there are any.
3495
+ # @return [String]
3496
+ #
3497
+ # @!attribute [rw] connectors
3498
+ # Returns an array, where each item contains the details of a
3499
+ # connector.
3500
+ # @return [Array<Types::ListedConnector>]
3501
+ #
3502
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListConnectorsResponse AWS API Documentation
3503
+ #
3504
+ class ListConnectorsResponse < Struct.new(
3505
+ :next_token,
3506
+ :connectors)
3507
+ SENSITIVE = []
3508
+ include Aws::Structure
3509
+ end
3510
+
2472
3511
  # @note When making an API call, you may pass ListExecutionsRequest
2473
3512
  # data as a hash:
2474
3513
  #
@@ -2479,7 +3518,7 @@ module Aws::Transfer
2479
3518
  # }
2480
3519
  #
2481
3520
  # @!attribute [rw] max_results
2482
- # Specifies the aximum number of executions to return.
3521
+ # Specifies the maximum number of executions to return.
2483
3522
  # @return [Integer]
2484
3523
  #
2485
3524
  # @!attribute [rw] next_token
@@ -2489,13 +3528,13 @@ module Aws::Transfer
2489
3528
  #
2490
3529
  # This is useful for pagination, for instance. If you have 100
2491
3530
  # executions for a workflow, you might only want to list first 10. If
2492
- # so, callthe API by specifing the `max-results`\:
3531
+ # so, call the API by specifying the `max-results`\:
2493
3532
  #
2494
3533
  # `aws transfer list-executions --max-results 10`
2495
3534
  #
2496
3535
  # This returns details for the first 10 executions, as well as the
2497
3536
  # pointer (`NextToken`) to the eleventh execution. You can now call
2498
- # the API again, suppling the `NextToken` value you received:
3537
+ # the API again, supplying the `NextToken` value you received:
2499
3538
  #
2500
3539
  # `aws transfer list-executions --max-results 10 --next-token
2501
3540
  # $somePointerReturnedFromPreviousListResult`
@@ -2541,16 +3580,69 @@ module Aws::Transfer
2541
3580
  # * **Executions**\: details of the execution, including the execution
2542
3581
  # ID, initial file location, and Service metadata.
2543
3582
  #
2544
- # * **Status**\: one of the following values: `IN_PROGRESS`,
2545
- # `COMPLETED`, `EXCEPTION`, `HANDLING_EXEPTION`.
2546
- # @return [Array<Types::ListedExecution>]
3583
+ # * **Status**\: one of the following values: `IN_PROGRESS`,
3584
+ # `COMPLETED`, `EXCEPTION`, `HANDLING_EXEPTION`.
3585
+ # @return [Array<Types::ListedExecution>]
3586
+ #
3587
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListExecutionsResponse AWS API Documentation
3588
+ #
3589
+ class ListExecutionsResponse < Struct.new(
3590
+ :next_token,
3591
+ :workflow_id,
3592
+ :executions)
3593
+ SENSITIVE = []
3594
+ include Aws::Structure
3595
+ end
3596
+
3597
+ # @note When making an API call, you may pass ListProfilesRequest
3598
+ # data as a hash:
3599
+ #
3600
+ # {
3601
+ # max_results: 1,
3602
+ # next_token: "NextToken",
3603
+ # profile_type: "LOCAL", # accepts LOCAL, PARTNER
3604
+ # }
3605
+ #
3606
+ # @!attribute [rw] max_results
3607
+ # The maximum number of profiles to return.
3608
+ # @return [Integer]
3609
+ #
3610
+ # @!attribute [rw] next_token
3611
+ # When there are additional results that were not returned, a
3612
+ # `NextToken` parameter is returned. You can use that value for a
3613
+ # subsequent call to `ListProfiles` to continue listing results.
3614
+ # @return [String]
3615
+ #
3616
+ # @!attribute [rw] profile_type
3617
+ # Indicates whether to list only `LOCAL` type profiles or only
3618
+ # `PARTNER` type profiles. If not supplied in the request, the command
3619
+ # lists all types of profiles.
3620
+ # @return [String]
3621
+ #
3622
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListProfilesRequest AWS API Documentation
3623
+ #
3624
+ class ListProfilesRequest < Struct.new(
3625
+ :max_results,
3626
+ :next_token,
3627
+ :profile_type)
3628
+ SENSITIVE = []
3629
+ include Aws::Structure
3630
+ end
3631
+
3632
+ # @!attribute [rw] next_token
3633
+ # Returns a token that you can use to call `ListProfiles` again and
3634
+ # receive additional results, if there are any.
3635
+ # @return [String]
3636
+ #
3637
+ # @!attribute [rw] profiles
3638
+ # Returns an array, where each item contains the details of a profile.
3639
+ # @return [Array<Types::ListedProfile>]
2547
3640
  #
2548
- # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListExecutionsResponse AWS API Documentation
3641
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListProfilesResponse AWS API Documentation
2549
3642
  #
2550
- class ListExecutionsResponse < Struct.new(
3643
+ class ListProfilesResponse < Struct.new(
2551
3644
  :next_token,
2552
- :workflow_id,
2553
- :executions)
3645
+ :profiles)
2554
3646
  SENSITIVE = []
2555
3647
  include Aws::Structure
2556
3648
  end
@@ -2837,33 +3929,33 @@ module Aws::Transfer
2837
3929
  # @return [String]
2838
3930
  #
2839
3931
  # @!attribute [rw] home_directory_type
2840
- # The type of landing directory (folder) you want your users' home
2841
- # directory to be when they log into the server. If you set it to
2842
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
2843
- # as is in their file transfer protocol clients. If you set it
3932
+ # The type of landing directory (folder) that you want your users'
3933
+ # home directory to be when they log in to the server. If you set it
3934
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
3935
+ # paths as is in their file transfer protocol clients. If you set it
2844
3936
  # `LOGICAL`, you need to provide mappings in the
2845
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
2846
- # paths visible to your users.
3937
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
3938
+ # EFS paths visible to your users.
2847
3939
  # @return [String]
2848
3940
  #
2849
3941
  # @!attribute [rw] role
2850
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
2851
- # controls your users' access to your Amazon S3 bucket or EFS file
2852
- # system. The policies attached to this role determine the level of
2853
- # access that you want to provide your users when transferring files
2854
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
2855
- # role should also contain a trust relationship that allows the server
2856
- # to access your resources when servicing your users' transfer
2857
- # requests.
3942
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
3943
+ # (IAM) role that controls your users' access to your Amazon S3
3944
+ # bucket or Amazon EFS file system. The policies attached to this role
3945
+ # determine the level of access that you want to provide your users
3946
+ # when transferring files into and out of your Amazon S3 bucket or
3947
+ # Amazon EFS file system. The IAM role should also contain a trust
3948
+ # relationship that allows the server to access your resources when
3949
+ # servicing your users' transfer requests.
2858
3950
  # @return [String]
2859
3951
  #
2860
3952
  # @!attribute [rw] external_id
2861
3953
  # A unique identifier that is required to identify specific groups
2862
3954
  # within your directory. The users of the group that you associate
2863
3955
  # have access to your Amazon S3 or Amazon EFS resources over the
2864
- # enabled protocols using Amazon Web Services Transfer Family. If you
2865
- # know the group name, you can view the SID values by running the
2866
- # following command using Windows PowerShell.
3956
+ # enabled protocols using Transfer Family. If you know the group name,
3957
+ # you can view the SID values by running the following command using
3958
+ # Windows PowerShell.
2867
3959
  #
2868
3960
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
2869
3961
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -2871,10 +3963,10 @@ module Aws::Transfer
2871
3963
  # In that command, replace *YourGroupName* with the name of your
2872
3964
  # Active Directory group.
2873
3965
  #
2874
- # The regex used to validate this parameter is a string of characters
2875
- # consisting of uppercase and lowercase alphanumeric characters with
2876
- # no spaces. You can also include underscores or any of the following
2877
- # characters: =,.@:/-
3966
+ # The regular expression used to validate this parameter is a string
3967
+ # of characters consisting of uppercase and lowercase alphanumeric
3968
+ # characters with no spaces. You can also include underscores or any
3969
+ # of the following characters: =,.@:/-
2878
3970
  # @return [String]
2879
3971
  #
2880
3972
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedAccess AWS API Documentation
@@ -2888,6 +3980,134 @@ module Aws::Transfer
2888
3980
  include Aws::Structure
2889
3981
  end
2890
3982
 
3983
+ # Describes the properties of an agreement.
3984
+ #
3985
+ # @!attribute [rw] arn
3986
+ # The Amazon Resource Name (ARN) of the specified agreement.
3987
+ # @return [String]
3988
+ #
3989
+ # @!attribute [rw] agreement_id
3990
+ # A unique identifier for the agreement. This identifier is returned
3991
+ # when you create an agreement.
3992
+ # @return [String]
3993
+ #
3994
+ # @!attribute [rw] description
3995
+ # The current description for the agreement. You can change it by
3996
+ # calling the `UpdateAgreement` operation and providing a new
3997
+ # description.
3998
+ # @return [String]
3999
+ #
4000
+ # @!attribute [rw] status
4001
+ # The agreement can be either `ACTIVE` or `INACTIVE`.
4002
+ # @return [String]
4003
+ #
4004
+ # @!attribute [rw] server_id
4005
+ # The unique identifier for the agreement.
4006
+ # @return [String]
4007
+ #
4008
+ # @!attribute [rw] local_profile_id
4009
+ # A unique identifier for the AS2 process.
4010
+ # @return [String]
4011
+ #
4012
+ # @!attribute [rw] partner_profile_id
4013
+ # A unique identifier for the partner process.
4014
+ # @return [String]
4015
+ #
4016
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedAgreement AWS API Documentation
4017
+ #
4018
+ class ListedAgreement < Struct.new(
4019
+ :arn,
4020
+ :agreement_id,
4021
+ :description,
4022
+ :status,
4023
+ :server_id,
4024
+ :local_profile_id,
4025
+ :partner_profile_id)
4026
+ SENSITIVE = []
4027
+ include Aws::Structure
4028
+ end
4029
+
4030
+ # Describes the properties of a certificate.
4031
+ #
4032
+ # @!attribute [rw] arn
4033
+ # The Amazon Resource Name (ARN) of the specified certificate.
4034
+ # @return [String]
4035
+ #
4036
+ # @!attribute [rw] certificate_id
4037
+ # An array of identifiers for the imported certificates. You use this
4038
+ # identifier for working with profiles and partner profiles.
4039
+ # @return [String]
4040
+ #
4041
+ # @!attribute [rw] usage
4042
+ # Specifies whether this certificate is used for signing or
4043
+ # encryption.
4044
+ # @return [String]
4045
+ #
4046
+ # @!attribute [rw] status
4047
+ # The certificate can be either `ACTIVE`, `PENDING_ROTATION`, or
4048
+ # `INACTIVE`. `PENDING_ROTATION` means that this certificate will
4049
+ # replace the current certificate when it expires.
4050
+ # @return [String]
4051
+ #
4052
+ # @!attribute [rw] active_date
4053
+ # An optional date that specifies when the certificate becomes active.
4054
+ # @return [Time]
4055
+ #
4056
+ # @!attribute [rw] inactive_date
4057
+ # An optional date that specifies when the certificate becomes
4058
+ # inactive.
4059
+ # @return [Time]
4060
+ #
4061
+ # @!attribute [rw] type
4062
+ # The type for the certificate. If a private key has been specified
4063
+ # for the certificate, its type is `CERTIFICATE_WITH_PRIVATE_KEY`. If
4064
+ # there is no private key, the type is `CERTIFICATE`.
4065
+ # @return [String]
4066
+ #
4067
+ # @!attribute [rw] description
4068
+ # The name or short description that's used to identify the
4069
+ # certificate.
4070
+ # @return [String]
4071
+ #
4072
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedCertificate AWS API Documentation
4073
+ #
4074
+ class ListedCertificate < Struct.new(
4075
+ :arn,
4076
+ :certificate_id,
4077
+ :usage,
4078
+ :status,
4079
+ :active_date,
4080
+ :inactive_date,
4081
+ :type,
4082
+ :description)
4083
+ SENSITIVE = []
4084
+ include Aws::Structure
4085
+ end
4086
+
4087
+ # Returns details of the connector that is specified.
4088
+ #
4089
+ # @!attribute [rw] arn
4090
+ # The Amazon Resource Name (ARN) of the specified connector.
4091
+ # @return [String]
4092
+ #
4093
+ # @!attribute [rw] connector_id
4094
+ # The unique identifier for the connector.
4095
+ # @return [String]
4096
+ #
4097
+ # @!attribute [rw] url
4098
+ # The URL of the partner's AS2 endpoint.
4099
+ # @return [String]
4100
+ #
4101
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedConnector AWS API Documentation
4102
+ #
4103
+ class ListedConnector < Struct.new(
4104
+ :arn,
4105
+ :connector_id,
4106
+ :url)
4107
+ SENSITIVE = []
4108
+ include Aws::Structure
4109
+ end
4110
+
2891
4111
  # Returns properties of the execution that is specified.
2892
4112
  #
2893
4113
  # @!attribute [rw] execution_id
@@ -2902,8 +4122,8 @@ module Aws::Transfer
2902
4122
  # @return [Types::FileLocation]
2903
4123
  #
2904
4124
  # @!attribute [rw] service_metadata
2905
- # A container object for the session details associated with a
2906
- # workflow.
4125
+ # A container object for the session details that are associated with
4126
+ # a workflow.
2907
4127
  # @return [Types::ServiceMetadata]
2908
4128
  #
2909
4129
  # @!attribute [rw] status
@@ -2922,6 +4142,37 @@ module Aws::Transfer
2922
4142
  include Aws::Structure
2923
4143
  end
2924
4144
 
4145
+ # Returns the properties of the profile that was specified.
4146
+ #
4147
+ # @!attribute [rw] arn
4148
+ # The Amazon Resource Name (ARN) of the specified profile.
4149
+ # @return [String]
4150
+ #
4151
+ # @!attribute [rw] profile_id
4152
+ # A unique identifier for the local or partner AS2 profile.
4153
+ # @return [String]
4154
+ #
4155
+ # @!attribute [rw] as_2_id
4156
+ # The unique identifier for the AS2 process.
4157
+ # @return [String]
4158
+ #
4159
+ # @!attribute [rw] profile_type
4160
+ # Indicates whether to list only `LOCAL` type profiles or only
4161
+ # `PARTNER` type profiles. If not supplied in the request, the command
4162
+ # lists all types of profiles.
4163
+ # @return [String]
4164
+ #
4165
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListedProfile AWS API Documentation
4166
+ #
4167
+ class ListedProfile < Struct.new(
4168
+ :arn,
4169
+ :profile_id,
4170
+ :as_2_id,
4171
+ :profile_type)
4172
+ SENSITIVE = []
4173
+ include Aws::Structure
4174
+ end
4175
+
2925
4176
  # Returns properties of a file transfer protocol-enabled server that was
2926
4177
  # specified.
2927
4178
  #
@@ -2936,25 +4187,25 @@ module Aws::Transfer
2936
4187
  # @return [String]
2937
4188
  #
2938
4189
  # @!attribute [rw] identity_provider_type
2939
- # Specifies the mode of authentication for a server. The default value
2940
- # is `SERVICE_MANAGED`, which allows you to store and access user
2941
- # credentials within the Amazon Web Services Transfer Family service.
4190
+ # The mode of authentication for a server. The default value is
4191
+ # `SERVICE_MANAGED`, which allows you to store and access user
4192
+ # credentials within the Transfer Family service.
2942
4193
  #
2943
4194
  # Use `AWS_DIRECTORY_SERVICE` to provide access to Active Directory
2944
- # groups in Amazon Web Services Managed Active Directory or Microsoft
2945
- # Active Directory in your on-premises environment or in Amazon Web
2946
- # Services using AD Connectors. This option also requires you to
2947
- # provide a Directory ID using the `IdentityProviderDetails`
4195
+ # groups in Directory Service for Microsoft Active Directory or
4196
+ # Microsoft Active Directory in your on-premises environment or in
4197
+ # Amazon Web Services using AD Connector. This option also requires
4198
+ # you to provide a Directory ID by using the `IdentityProviderDetails`
2948
4199
  # parameter.
2949
4200
  #
2950
4201
  # Use the `API_GATEWAY` value to integrate with an identity provider
2951
4202
  # of your choosing. The `API_GATEWAY` setting requires you to provide
2952
- # an API Gateway endpoint URL to call for authentication using the
2953
- # `IdentityProviderDetails` parameter.
4203
+ # an Amazon API Gateway endpoint URL to call for authentication by
4204
+ # using the `IdentityProviderDetails` parameter.
2954
4205
  #
2955
- # Use the `AWS_LAMBDA` value to directly use a Lambda function as your
2956
- # identity provider. If you choose this value, you must specify the
2957
- # ARN for the lambda function in the `Function` parameter for the
4206
+ # Use the `AWS_LAMBDA` value to directly use an Lambda function as
4207
+ # your identity provider. If you choose this value, you must specify
4208
+ # the ARN for the Lambda function in the `Function` parameter or the
2958
4209
  # `IdentityProviderDetails` data type.
2959
4210
  # @return [String]
2960
4211
  #
@@ -2965,11 +4216,10 @@ module Aws::Transfer
2965
4216
  # @return [String]
2966
4217
  #
2967
4218
  # @!attribute [rw] logging_role
2968
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
2969
- # Identity and Access Management (IAM) role that allows a server to
2970
- # turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS
2971
- # events. When set, user activity can be viewed in your CloudWatch
2972
- # logs.
4219
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
4220
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
4221
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
4222
+ # activity in your CloudWatch logs.
2973
4223
  # @return [String]
2974
4224
  #
2975
4225
  # @!attribute [rw] server_id
@@ -2978,10 +4228,10 @@ module Aws::Transfer
2978
4228
  # @return [String]
2979
4229
  #
2980
4230
  # @!attribute [rw] state
2981
- # Specifies the condition of a server for the server that was
2982
- # described. A value of `ONLINE` indicates that the server can accept
2983
- # jobs and transfer files. A `State` value of `OFFLINE` means that the
2984
- # server cannot perform file transfer operations.
4231
+ # The condition of the server that was described. A value of `ONLINE`
4232
+ # indicates that the server can accept jobs and transfer files. A
4233
+ # `State` value of `OFFLINE` means that the server cannot perform file
4234
+ # transfer operations.
2985
4235
  #
2986
4236
  # The states of `STARTING` and `STOPPING` indicate that the server is
2987
4237
  # in an intermediate state, either not fully able to respond, or not
@@ -3024,24 +4274,24 @@ module Aws::Transfer
3024
4274
  # @return [String]
3025
4275
  #
3026
4276
  # @!attribute [rw] home_directory_type
3027
- # The type of landing directory (folder) you want your users' home
3028
- # directory to be when they log into the server. If you set it to
3029
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
3030
- # as is in their file transfer protocol clients. If you set it
4277
+ # The type of landing directory (folder) that you want your users'
4278
+ # home directory to be when they log in to the server. If you set it
4279
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
4280
+ # paths as is in their file transfer protocol clients. If you set it
3031
4281
  # `LOGICAL`, you need to provide mappings in the
3032
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
3033
- # paths visible to your users.
4282
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
4283
+ # EFS paths visible to your users.
3034
4284
  # @return [String]
3035
4285
  #
3036
4286
  # @!attribute [rw] role
3037
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
3038
- # controls your users' access to your Amazon S3 bucket or EFS file
3039
- # system. The policies attached to this role determine the level of
3040
- # access that you want to provide your users when transferring files
3041
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
3042
- # role should also contain a trust relationship that allows the server
3043
- # to access your resources when servicing your users' transfer
3044
- # requests.
4287
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
4288
+ # (IAM) role that controls your users' access to your Amazon S3
4289
+ # bucket or Amazon EFS file system. The policies attached to this role
4290
+ # determine the level of access that you want to provide your users
4291
+ # when transferring files into and out of your Amazon S3 bucket or
4292
+ # Amazon EFS file system. The IAM role should also contain a trust
4293
+ # relationship that allows the server to access your resources when
4294
+ # servicing your users' transfer requests.
3045
4295
  #
3046
4296
  # <note markdown="1"> The IAM role that controls your users' access to your Amazon S3
3047
4297
  # bucket for servers with `Domain=S3`, or your EFS file system for
@@ -3105,16 +4355,15 @@ module Aws::Transfer
3105
4355
  # Consists of the logging role and the log group name.
3106
4356
  #
3107
4357
  # @!attribute [rw] logging_role
3108
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
3109
- # Identity and Access Management (IAM) role that allows a server to
3110
- # turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS
3111
- # events. When set, user activity can be viewed in your CloudWatch
3112
- # logs.
4358
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
4359
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
4360
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
4361
+ # activity in your CloudWatch logs.
3113
4362
  # @return [String]
3114
4363
  #
3115
4364
  # @!attribute [rw] log_group_name
3116
- # The name of the CloudWatch logging group for the Amazon Web Services
3117
- # Transfer server to which this workflow belongs.
4365
+ # The name of the CloudWatch logging group for the Transfer Family
4366
+ # server to which this workflow belongs.
3118
4367
  # @return [String]
3119
4368
  #
3120
4369
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/LoggingConfiguration AWS API Documentation
@@ -3173,12 +4422,14 @@ module Aws::Transfer
3173
4422
  # {
3174
4423
  # passive_ip: "PassiveIp",
3175
4424
  # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
4425
+ # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP
4426
+ # as_2_transports: ["HTTP"], # accepts HTTP
3176
4427
  # }
3177
4428
  #
3178
4429
  # @!attribute [rw] passive_ip
3179
4430
  # Indicates passive mode, for FTP and FTPS protocols. Enter a single
3180
- # dotted-quad IPv4 address, such as the external IP address of a
3181
- # firewall, router, or load balancer. For example:
4431
+ # IPv4 address, such as the public IP address of a firewall, router,
4432
+ # or load balancer. For example:
3182
4433
  #
3183
4434
  # ` aws transfer update-server --protocol-details PassiveIp=0.0.0.0 `
3184
4435
  #
@@ -3186,10 +4437,10 @@ module Aws::Transfer
3186
4437
  # you want to use.
3187
4438
  #
3188
4439
  # <note markdown="1"> If you change the `PassiveIp` value, you must stop and then restart
3189
- # your Transfer server for the change to take effect. For details on
3190
- # using Passive IP (PASV) in a NAT environment, see [Configuring your
3191
- # FTPS server behind a firewall or NAT with Amazon Web Services
3192
- # Transfer Family][1].
4440
+ # your Transfer Family server for the change to take effect. For
4441
+ # details on using passive mode (PASV) in a NAT environment, see
4442
+ # [Configuring your FTPS server behind a firewall or NAT with Transfer
4443
+ # Family][1].
3193
4444
  #
3194
4445
  # </note>
3195
4446
  #
@@ -3199,14 +4450,15 @@ module Aws::Transfer
3199
4450
  # @return [String]
3200
4451
  #
3201
4452
  # @!attribute [rw] tls_session_resumption_mode
3202
- # A property used with Transfer servers that use the FTPS protocol.
3203
- # TLS Session Resumption provides a mechanism to resume or share a
3204
- # negotiated secret key between the control and data connection for an
3205
- # FTPS session. `TlsSessionResumptionMode` determines whether or not
3206
- # the server resumes recent, negotiated sessions through a unique
3207
- # session ID. This property is available during `CreateServer` and
3208
- # `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not
3209
- # specified during CreateServer, it is set to `ENFORCED` by default.
4453
+ # A property used with Transfer Family servers that use the FTPS
4454
+ # protocol. TLS Session Resumption provides a mechanism to resume or
4455
+ # share a negotiated secret key between the control and data
4456
+ # connection for an FTPS session. `TlsSessionResumptionMode`
4457
+ # determines whether or not the server resumes recent, negotiated
4458
+ # sessions through a unique session ID. This property is available
4459
+ # during `CreateServer` and `UpdateServer` calls. If a
4460
+ # `TlsSessionResumptionMode` value is not specified during
4461
+ # `CreateServer`, it is set to `ENFORCED` by default.
3210
4462
  #
3211
4463
  # * `DISABLED`\: the server does not process TLS session resumption
3212
4464
  # client requests and creates a new TLS session for each request.
@@ -3231,11 +4483,45 @@ module Aws::Transfer
3231
4483
  # </note>
3232
4484
  # @return [String]
3233
4485
  #
4486
+ # @!attribute [rw] set_stat_option
4487
+ # Use the `SetStatOption` to ignore the error that is generated when
4488
+ # the client attempts to use `SETSTAT` on a file you are uploading to
4489
+ # an S3 bucket.
4490
+ #
4491
+ # Some SFTP file transfer clients can attempt to change the attributes
4492
+ # of remote files, including timestamp and permissions, using
4493
+ # commands, such as `SETSTAT` when uploading the file. However, these
4494
+ # commands are not compatible with object storage systems, such as
4495
+ # Amazon S3. Due to this incompatibility, file uploads from these
4496
+ # clients can result in errors even when the file is otherwise
4497
+ # successfully uploaded.
4498
+ #
4499
+ # Set the value to `ENABLE_NO_OP` to have the Transfer Family server
4500
+ # ignore the `SETSTAT` command, and upload files without needing to
4501
+ # make any changes to your SFTP client. While the `SetStatOption`
4502
+ # `ENABLE_NO_OP` setting ignores the error, it does generate a log
4503
+ # entry in Amazon CloudWatch Logs, so you can determine when the
4504
+ # client is making a `SETSTAT` call.
4505
+ #
4506
+ # <note markdown="1"> If you want to preserve the original timestamp for your file, and
4507
+ # modify other file attributes using `SETSTAT`, you can use Amazon EFS
4508
+ # as backend storage with Transfer Family.
4509
+ #
4510
+ # </note>
4511
+ # @return [String]
4512
+ #
4513
+ # @!attribute [rw] as_2_transports
4514
+ # Indicates the transport method for the AS2 messages. Currently, only
4515
+ # HTTP is supported.
4516
+ # @return [Array<String>]
4517
+ #
3234
4518
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ProtocolDetails AWS API Documentation
3235
4519
  #
3236
4520
  class ProtocolDetails < Struct.new(
3237
4521
  :passive_ip,
3238
- :tls_session_resumption_mode)
4522
+ :tls_session_resumption_mode,
4523
+ :set_stat_option,
4524
+ :as_2_transports)
3239
4525
  SENSITIVE = []
3240
4526
  include Aws::Structure
3241
4527
  end
@@ -3283,16 +4569,16 @@ module Aws::Transfer
3283
4569
  include Aws::Structure
3284
4570
  end
3285
4571
 
3286
- # Specifies the details for the file location for the file being used in
3287
- # the workflow. Only applicable if you are using S3 storage.
4572
+ # Specifies the details for the file location for the file that's being
4573
+ # used in the workflow. Only applicable if you are using S3 storage.
3288
4574
  #
3289
4575
  # @!attribute [rw] bucket
3290
4576
  # Specifies the S3 bucket that contains the file being used.
3291
4577
  # @return [String]
3292
4578
  #
3293
4579
  # @!attribute [rw] key
3294
- # The name assigned to the file when it was created in S3. You use the
3295
- # object key to retrieve the object.
4580
+ # The name assigned to the file when it was created in Amazon S3. You
4581
+ # use the object key to retrieve the object.
3296
4582
  # @return [String]
3297
4583
  #
3298
4584
  # @!attribute [rw] version_id
@@ -3346,8 +4632,8 @@ module Aws::Transfer
3346
4632
  # @return [String]
3347
4633
  #
3348
4634
  # @!attribute [rw] key
3349
- # The name assigned to the file when it was created in S3. You use the
3350
- # object key to retrieve the object.
4635
+ # The name assigned to the file when it was created in Amazon S3. You
4636
+ # use the object key to retrieve the object.
3351
4637
  # @return [String]
3352
4638
  #
3353
4639
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/S3InputFileLocation AWS API Documentation
@@ -3429,7 +4715,8 @@ module Aws::Transfer
3429
4715
  #
3430
4716
  class SendWorkflowStepStateResponse < Aws::EmptyStructure; end
3431
4717
 
3432
- # A container object for the session details associated with a workflow.
4718
+ # A container object for the session details that are associated with a
4719
+ # workflow.
3433
4720
  #
3434
4721
  # @!attribute [rw] user_details
3435
4722
  # The Server ID (`ServerId`), Session ID (`SessionId`) and user
@@ -3473,6 +4760,8 @@ module Aws::Transfer
3473
4760
  # @!attribute [rw] ssh_public_key_body
3474
4761
  # Specifies the content of the SSH public key as specified by the
3475
4762
  # `PublicKeyId`.
4763
+ #
4764
+ # Transfer Family accepts RSA, ECDSA, and ED25519 keys.
3476
4765
  # @return [String]
3477
4766
  #
3478
4767
  # @!attribute [rw] ssh_public_key_id
@@ -3490,6 +4779,45 @@ module Aws::Transfer
3490
4779
  include Aws::Structure
3491
4780
  end
3492
4781
 
4782
+ # @note When making an API call, you may pass StartFileTransferRequest
4783
+ # data as a hash:
4784
+ #
4785
+ # {
4786
+ # connector_id: "ConnectorId", # required
4787
+ # send_file_paths: ["FilePath"], # required
4788
+ # }
4789
+ #
4790
+ # @!attribute [rw] connector_id
4791
+ # The unique identifier for the connector.
4792
+ # @return [String]
4793
+ #
4794
+ # @!attribute [rw] send_file_paths
4795
+ # An array of strings. Each string represents the absolute path for
4796
+ # one outbound file transfer. For example, `
4797
+ # DOC-EXAMPLE-BUCKET/myfile.txt `.
4798
+ # @return [Array<String>]
4799
+ #
4800
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StartFileTransferRequest AWS API Documentation
4801
+ #
4802
+ class StartFileTransferRequest < Struct.new(
4803
+ :connector_id,
4804
+ :send_file_paths)
4805
+ SENSITIVE = []
4806
+ include Aws::Structure
4807
+ end
4808
+
4809
+ # @!attribute [rw] transfer_id
4810
+ # Returns the unique identifier for this file transfer.
4811
+ # @return [String]
4812
+ #
4813
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StartFileTransferResponse AWS API Documentation
4814
+ #
4815
+ class StartFileTransferResponse < Struct.new(
4816
+ :transfer_id)
4817
+ SENSITIVE = []
4818
+ include Aws::Structure
4819
+ end
4820
+
3493
4821
  # @note When making an API call, you may pass StartServerRequest
3494
4822
  # data as a hash:
3495
4823
  #
@@ -3649,7 +4977,7 @@ module Aws::Transfer
3649
4977
  #
3650
4978
  # {
3651
4979
  # server_id: "ServerId", # required
3652
- # server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
4980
+ # server_protocol: "SFTP", # accepts SFTP, FTP, FTPS, AS2
3653
4981
  # source_ip: "SourceIp",
3654
4982
  # user_name: "UserName", # required
3655
4983
  # user_password: "UserPassword",
@@ -3730,8 +5058,6 @@ module Aws::Transfer
3730
5058
 
3731
5059
  # The request was denied due to request throttling.
3732
5060
  #
3733
- # HTTP Status Code: 400
3734
- #
3735
5061
  # @!attribute [rw] retry_after_seconds
3736
5062
  # @return [String]
3737
5063
  #
@@ -3803,13 +5129,13 @@ module Aws::Transfer
3803
5129
  # @return [String]
3804
5130
  #
3805
5131
  # @!attribute [rw] home_directory_type
3806
- # The type of landing directory (folder) you want your users' home
3807
- # directory to be when they log into the server. If you set it to
3808
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
3809
- # as is in their file transfer protocol clients. If you set it
5132
+ # The type of landing directory (folder) that you want your users'
5133
+ # home directory to be when they log in to the server. If you set it
5134
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
5135
+ # paths as is in their file transfer protocol clients. If you set it
3810
5136
  # `LOGICAL`, you need to provide mappings in the
3811
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
3812
- # paths visible to your users.
5137
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
5138
+ # EFS paths visible to your users.
3813
5139
  # @return [String]
3814
5140
  #
3815
5141
  # @!attribute [rw] home_directory_mappings
@@ -3818,10 +5144,10 @@ module Aws::Transfer
3818
5144
  # make them visible. You must specify the `Entry` and `Target` pair,
3819
5145
  # where `Entry` shows how the path is made visible and `Target` is the
3820
5146
  # actual Amazon S3 or Amazon EFS path. If you only specify a target,
3821
- # it is displayed as is. You also must ensure that your Amazon Web
3822
- # Services Identity and Access Management (IAM) role provides access
3823
- # to paths in `Target`. This value can only be set when
3824
- # `HomeDirectoryType` is set to *LOGICAL*.
5147
+ # it is displayed as is. You also must ensure that your Identity and
5148
+ # Access Management (IAM) role provides access to paths in `Target`.
5149
+ # This value can be set only when `HomeDirectoryType` is set to
5150
+ # *LOGICAL*.
3825
5151
  #
3826
5152
  # The following is an `Entry` and `Target` pair example.
3827
5153
  #
@@ -3839,19 +5165,19 @@ module Aws::Transfer
3839
5165
  # @return [Array<Types::HomeDirectoryMapEntry>]
3840
5166
  #
3841
5167
  # @!attribute [rw] policy
3842
- # A session policy for your user so that you can use the same IAM role
3843
- # across multiple users. This policy scopes down user access to
3844
- # portions of their Amazon S3 bucket. Variables that you can use
3845
- # inside this policy include `$\{Transfer:UserName\}`,
3846
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
5168
+ # A session policy for your user so that you can use the same Identity
5169
+ # and Access Management (IAM) role across multiple users. This policy
5170
+ # scopes down a user's access to portions of their Amazon S3 bucket.
5171
+ # Variables that you can use inside this policy include
5172
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
5173
+ # `$\{Transfer:HomeBucket\}`.
3847
5174
  #
3848
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
3849
- # use session policies.
5175
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
5176
+ # Amazon EFS does not use session policies.
3850
5177
  #
3851
- # For session policies, Amazon Web Services Transfer Family stores the
3852
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
3853
- # the policy. You save the policy as a JSON blob and pass it in the
3854
- # `Policy` argument.
5178
+ # For session policies, Transfer Family stores the policy as a JSON
5179
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
5180
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
3855
5181
  #
3856
5182
  # For an example of a session policy, see [Example session policy][1].
3857
5183
  #
@@ -3876,14 +5202,14 @@ module Aws::Transfer
3876
5202
  # @return [Types::PosixProfile]
3877
5203
  #
3878
5204
  # @!attribute [rw] role
3879
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
3880
- # controls your users' access to your Amazon S3 bucket or EFS file
3881
- # system. The policies attached to this role determine the level of
3882
- # access that you want to provide your users when transferring files
3883
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
3884
- # role should also contain a trust relationship that allows the server
3885
- # to access your resources when servicing your users' transfer
3886
- # requests.
5205
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
5206
+ # (IAM) role that controls your users' access to your Amazon S3
5207
+ # bucket or Amazon EFS file system. The policies attached to this role
5208
+ # determine the level of access that you want to provide your users
5209
+ # when transferring files into and out of your Amazon S3 bucket or
5210
+ # Amazon EFS file system. The IAM role should also contain a trust
5211
+ # relationship that allows the server to access your resources when
5212
+ # servicing your users' transfer requests.
3887
5213
  # @return [String]
3888
5214
  #
3889
5215
  # @!attribute [rw] server_id
@@ -3895,9 +5221,9 @@ module Aws::Transfer
3895
5221
  # A unique identifier that is required to identify specific groups
3896
5222
  # within your directory. The users of the group that you associate
3897
5223
  # have access to your Amazon S3 or Amazon EFS resources over the
3898
- # enabled protocols using Amazon Web Services Transfer Family. If you
3899
- # know the group name, you can view the SID values by running the
3900
- # following command using Windows PowerShell.
5224
+ # enabled protocols using Transfer Family. If you know the group name,
5225
+ # you can view the SID values by running the following command using
5226
+ # Windows PowerShell.
3901
5227
  #
3902
5228
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
3903
5229
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -3905,10 +5231,10 @@ module Aws::Transfer
3905
5231
  # In that command, replace *YourGroupName* with the name of your
3906
5232
  # Active Directory group.
3907
5233
  #
3908
- # The regex used to validate this parameter is a string of characters
3909
- # consisting of uppercase and lowercase alphanumeric characters with
3910
- # no spaces. You can also include underscores or any of the following
3911
- # characters: =,.@:/-
5234
+ # The regular expression used to validate this parameter is a string
5235
+ # of characters consisting of uppercase and lowercase alphanumeric
5236
+ # characters with no spaces. You can also include underscores or any
5237
+ # of the following characters: =,.@:/-
3912
5238
  # @return [String]
3913
5239
  #
3914
5240
  # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateAccessRequest AWS API Documentation
@@ -3945,6 +5271,256 @@ module Aws::Transfer
3945
5271
  include Aws::Structure
3946
5272
  end
3947
5273
 
5274
+ # @note When making an API call, you may pass UpdateAgreementRequest
5275
+ # data as a hash:
5276
+ #
5277
+ # {
5278
+ # agreement_id: "AgreementId", # required
5279
+ # server_id: "ServerId", # required
5280
+ # description: "Description",
5281
+ # status: "ACTIVE", # accepts ACTIVE, INACTIVE
5282
+ # local_profile_id: "ProfileId",
5283
+ # partner_profile_id: "ProfileId",
5284
+ # base_directory: "HomeDirectory",
5285
+ # access_role: "Role",
5286
+ # }
5287
+ #
5288
+ # @!attribute [rw] agreement_id
5289
+ # A unique identifier for the agreement. This identifier is returned
5290
+ # when you create an agreement.
5291
+ # @return [String]
5292
+ #
5293
+ # @!attribute [rw] server_id
5294
+ # A system-assigned unique identifier for a server instance. This is
5295
+ # the specific server that the agreement uses.
5296
+ # @return [String]
5297
+ #
5298
+ # @!attribute [rw] description
5299
+ # To replace the existing description, provide a short description for
5300
+ # the agreement.
5301
+ # @return [String]
5302
+ #
5303
+ # @!attribute [rw] status
5304
+ # You can update the status for the agreement, either activating an
5305
+ # inactive agreement or the reverse.
5306
+ # @return [String]
5307
+ #
5308
+ # @!attribute [rw] local_profile_id
5309
+ # To change the local profile identifier, provide a new value here.
5310
+ # @return [String]
5311
+ #
5312
+ # @!attribute [rw] partner_profile_id
5313
+ # To change the partner profile identifier, provide a new value here.
5314
+ # @return [String]
5315
+ #
5316
+ # @!attribute [rw] base_directory
5317
+ # To change the landing directory (folder) for files that are
5318
+ # transferred, provide the bucket folder that you want to use; for
5319
+ # example, `/DOC-EXAMPLE-BUCKET/home/mydirectory `.
5320
+ # @return [String]
5321
+ #
5322
+ # @!attribute [rw] access_role
5323
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
5324
+ # (IAM) role that grants access to at least the `HomeDirectory` of
5325
+ # your users' Amazon S3 buckets.
5326
+ # @return [String]
5327
+ #
5328
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateAgreementRequest AWS API Documentation
5329
+ #
5330
+ class UpdateAgreementRequest < Struct.new(
5331
+ :agreement_id,
5332
+ :server_id,
5333
+ :description,
5334
+ :status,
5335
+ :local_profile_id,
5336
+ :partner_profile_id,
5337
+ :base_directory,
5338
+ :access_role)
5339
+ SENSITIVE = []
5340
+ include Aws::Structure
5341
+ end
5342
+
5343
+ # @!attribute [rw] agreement_id
5344
+ # A unique identifier for the agreement. This identifier is returned
5345
+ # when you create an agreement.
5346
+ # @return [String]
5347
+ #
5348
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateAgreementResponse AWS API Documentation
5349
+ #
5350
+ class UpdateAgreementResponse < Struct.new(
5351
+ :agreement_id)
5352
+ SENSITIVE = []
5353
+ include Aws::Structure
5354
+ end
5355
+
5356
+ # @note When making an API call, you may pass UpdateCertificateRequest
5357
+ # data as a hash:
5358
+ #
5359
+ # {
5360
+ # certificate_id: "CertificateId", # required
5361
+ # active_date: Time.now,
5362
+ # inactive_date: Time.now,
5363
+ # description: "Description",
5364
+ # }
5365
+ #
5366
+ # @!attribute [rw] certificate_id
5367
+ # The identifier of the certificate object that you are updating.
5368
+ # @return [String]
5369
+ #
5370
+ # @!attribute [rw] active_date
5371
+ # An optional date that specifies when the certificate becomes active.
5372
+ # @return [Time]
5373
+ #
5374
+ # @!attribute [rw] inactive_date
5375
+ # An optional date that specifies when the certificate becomes
5376
+ # inactive.
5377
+ # @return [Time]
5378
+ #
5379
+ # @!attribute [rw] description
5380
+ # A short description to help identify the certificate.
5381
+ # @return [String]
5382
+ #
5383
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateCertificateRequest AWS API Documentation
5384
+ #
5385
+ class UpdateCertificateRequest < Struct.new(
5386
+ :certificate_id,
5387
+ :active_date,
5388
+ :inactive_date,
5389
+ :description)
5390
+ SENSITIVE = []
5391
+ include Aws::Structure
5392
+ end
5393
+
5394
+ # @!attribute [rw] certificate_id
5395
+ # Returns the identifier of the certificate object that you are
5396
+ # updating.
5397
+ # @return [String]
5398
+ #
5399
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateCertificateResponse AWS API Documentation
5400
+ #
5401
+ class UpdateCertificateResponse < Struct.new(
5402
+ :certificate_id)
5403
+ SENSITIVE = []
5404
+ include Aws::Structure
5405
+ end
5406
+
5407
+ # @note When making an API call, you may pass UpdateConnectorRequest
5408
+ # data as a hash:
5409
+ #
5410
+ # {
5411
+ # connector_id: "ConnectorId", # required
5412
+ # url: "Url",
5413
+ # as_2_config: {
5414
+ # local_profile_id: "ProfileId",
5415
+ # partner_profile_id: "ProfileId",
5416
+ # message_subject: "MessageSubject",
5417
+ # compression: "ZLIB", # accepts ZLIB, DISABLED
5418
+ # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC
5419
+ # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
5420
+ # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
5421
+ # mdn_response: "SYNC", # accepts SYNC, NONE
5422
+ # },
5423
+ # access_role: "Role",
5424
+ # logging_role: "Role",
5425
+ # }
5426
+ #
5427
+ # @!attribute [rw] connector_id
5428
+ # The unique identifier for the connector.
5429
+ # @return [String]
5430
+ #
5431
+ # @!attribute [rw] url
5432
+ # The URL of the partner's AS2 endpoint.
5433
+ # @return [String]
5434
+ #
5435
+ # @!attribute [rw] as_2_config
5436
+ # A structure that contains the parameters for a connector object.
5437
+ # @return [Types::As2ConnectorConfig]
5438
+ #
5439
+ # @!attribute [rw] access_role
5440
+ # With AS2, you can send files by calling `StartFileTransfer` and
5441
+ # specifying the file paths in the request parameter, `SendFilePaths`.
5442
+ # We use the file’s parent directory (for example, for
5443
+ # `--send-file-paths /bucket/dir/file.txt`, parent directory is
5444
+ # `/bucket/dir/`) to temporarily store a processed AS2 message file,
5445
+ # store the MDN when we receive them from the partner, and write a
5446
+ # final JSON file containing relevant metadata of the transmission.
5447
+ # So, the `AccessRole` needs to provide read and write access to the
5448
+ # parent directory of the file location used in the
5449
+ # `StartFileTransfer` request. Additionally, you need to provide read
5450
+ # and write access to the parent directory of the files that you
5451
+ # intend to send with `StartFileTransfer`.
5452
+ # @return [String]
5453
+ #
5454
+ # @!attribute [rw] logging_role
5455
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
5456
+ # (IAM) role that allows a connector to turn on CloudWatch logging for
5457
+ # Amazon S3 events. When set, you can view connector activity in your
5458
+ # CloudWatch logs.
5459
+ # @return [String]
5460
+ #
5461
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateConnectorRequest AWS API Documentation
5462
+ #
5463
+ class UpdateConnectorRequest < Struct.new(
5464
+ :connector_id,
5465
+ :url,
5466
+ :as_2_config,
5467
+ :access_role,
5468
+ :logging_role)
5469
+ SENSITIVE = []
5470
+ include Aws::Structure
5471
+ end
5472
+
5473
+ # @!attribute [rw] connector_id
5474
+ # Returns the identifier of the connector object that you are
5475
+ # updating.
5476
+ # @return [String]
5477
+ #
5478
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateConnectorResponse AWS API Documentation
5479
+ #
5480
+ class UpdateConnectorResponse < Struct.new(
5481
+ :connector_id)
5482
+ SENSITIVE = []
5483
+ include Aws::Structure
5484
+ end
5485
+
5486
+ # @note When making an API call, you may pass UpdateProfileRequest
5487
+ # data as a hash:
5488
+ #
5489
+ # {
5490
+ # profile_id: "ProfileId", # required
5491
+ # certificate_ids: ["CertificateId"],
5492
+ # }
5493
+ #
5494
+ # @!attribute [rw] profile_id
5495
+ # The identifier of the profile object that you are updating.
5496
+ # @return [String]
5497
+ #
5498
+ # @!attribute [rw] certificate_ids
5499
+ # An array of identifiers for the imported certificates. You use this
5500
+ # identifier for working with profiles and partner profiles.
5501
+ # @return [Array<String>]
5502
+ #
5503
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateProfileRequest AWS API Documentation
5504
+ #
5505
+ class UpdateProfileRequest < Struct.new(
5506
+ :profile_id,
5507
+ :certificate_ids)
5508
+ SENSITIVE = []
5509
+ include Aws::Structure
5510
+ end
5511
+
5512
+ # @!attribute [rw] profile_id
5513
+ # Returns the identifier for the profile that's being updated.
5514
+ # @return [String]
5515
+ #
5516
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateProfileResponse AWS API Documentation
5517
+ #
5518
+ class UpdateProfileResponse < Struct.new(
5519
+ :profile_id)
5520
+ SENSITIVE = []
5521
+ include Aws::Structure
5522
+ end
5523
+
3948
5524
  # @note When making an API call, you may pass UpdateServerRequest
3949
5525
  # data as a hash:
3950
5526
  #
@@ -3953,6 +5529,8 @@ module Aws::Transfer
3953
5529
  # protocol_details: {
3954
5530
  # passive_ip: "PassiveIp",
3955
5531
  # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
5532
+ # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP
5533
+ # as_2_transports: ["HTTP"], # accepts HTTP
3956
5534
  # },
3957
5535
  # endpoint_details: {
3958
5536
  # address_allocation_ids: ["AddressAllocationId"],
@@ -3972,7 +5550,7 @@ module Aws::Transfer
3972
5550
  # logging_role: "NullableRole",
3973
5551
  # post_authentication_login_banner: "PostAuthenticationLoginBanner",
3974
5552
  # pre_authentication_login_banner: "PreAuthenticationLoginBanner",
3975
- # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
5553
+ # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS, AS2
3976
5554
  # security_policy_name: "SecurityPolicyName",
3977
5555
  # server_id: "ServerId", # required
3978
5556
  # workflow_details: {
@@ -4030,22 +5608,36 @@ module Aws::Transfer
4030
5608
  # @!attribute [rw] protocol_details
4031
5609
  # The protocol settings that are configured for your server.
4032
5610
  #
4033
- # Use the `PassiveIp` parameter to indicate passive mode (for FTP and
4034
- # FTPS protocols). Enter a single dotted-quad IPv4 address, such as
4035
- # the external IP address of a firewall, router, or load balancer.
4036
- #
4037
- # Use the `TlsSessionResumptionMode` parameter to determine whether or
4038
- # not your Transfer server resumes recent, negotiated sessions through
4039
- # a unique session ID.
5611
+ # * To indicate passive mode (for FTP and FTPS protocols), use the
5612
+ # `PassiveIp` parameter. Enter a single dotted-quad IPv4 address,
5613
+ # such as the external IP address of a firewall, router, or load
5614
+ # balancer.
5615
+ #
5616
+ # * To ignore the error that is generated when the client attempts to
5617
+ # use the `SETSTAT` command on a file that you are uploading to an
5618
+ # Amazon S3 bucket, use the `SetStatOption` parameter. To have the
5619
+ # Transfer Family server ignore the `SETSTAT` command and upload
5620
+ # files without needing to make any changes to your SFTP client, set
5621
+ # the value to `ENABLE_NO_OP`. If you set the `SetStatOption`
5622
+ # parameter to `ENABLE_NO_OP`, Transfer Family generates a log entry
5623
+ # to Amazon CloudWatch Logs, so that you can determine when the
5624
+ # client is making a `SETSTAT` call.
5625
+ #
5626
+ # * To determine whether your Transfer Family server resumes recent,
5627
+ # negotiated sessions through a unique session ID, use the
5628
+ # `TlsSessionResumptionMode` parameter.
5629
+ #
5630
+ # * `As2Transports` indicates the transport method for the AS2
5631
+ # messages. Currently, only HTTP is supported.
4040
5632
  # @return [Types::ProtocolDetails]
4041
5633
  #
4042
5634
  # @!attribute [rw] endpoint_details
4043
5635
  # The virtual private cloud (VPC) endpoint settings that are
4044
5636
  # configured for your server. When you host your endpoint within your
4045
- # VPC, you can make it accessible only to resources within your VPC,
4046
- # or you can attach Elastic IP addresses and make it accessible to
4047
- # clients over the internet. Your VPC's default security groups are
4048
- # automatically assigned to your endpoint.
5637
+ # VPC, you can make your endpoint accessible only to resources within
5638
+ # your VPC, or you can attach Elastic IP addresses and make your
5639
+ # endpoint accessible to clients over the internet. Your VPC's
5640
+ # default security groups are automatically assigned to your endpoint.
4049
5641
  # @return [Types::EndpointDetails]
4050
5642
  #
4051
5643
  # @!attribute [rw] endpoint_type
@@ -4077,15 +5669,15 @@ module Aws::Transfer
4077
5669
  # @return [String]
4078
5670
  #
4079
5671
  # @!attribute [rw] host_key
4080
- # The RSA or ECDSA private key to use for your server.
5672
+ # The RSA, ECDSA, or ED25519 private key to use for your server.
4081
5673
  #
4082
5674
  # Use the following command to generate an RSA 2048 bit key with no
4083
5675
  # passphrase:
4084
5676
  #
4085
5677
  # `ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key`.
4086
5678
  #
4087
- # Use a minimum value of 2048 for the `-b` option: you can create a
4088
- # stronger key using 3072 or 4096.
5679
+ # Use a minimum value of 2048 for the `-b` option. You can create a
5680
+ # stronger key by using 3072 or 4096.
4089
5681
  #
4090
5682
  # Use the following command to generate an ECDSA 256 bit key with no
4091
5683
  # passphrase:
@@ -4094,7 +5686,12 @@ module Aws::Transfer
4094
5686
  #
4095
5687
  # Valid values for the `-b` option for ECDSA are 256, 384, and 521.
4096
5688
  #
4097
- # For both of these commands, you can replace *my-new-server-key* with
5689
+ # Use the following command to generate an ED25519 key with no
5690
+ # passphrase:
5691
+ #
5692
+ # `ssh-keygen -t ed25519 -N "" -f my-new-server-key`.
5693
+ #
5694
+ # For all of these commands, you can replace *my-new-server-key* with
4098
5695
  # a string of your choice.
4099
5696
  #
4100
5697
  # If you aren't planning to migrate existing users from an existing
@@ -4102,7 +5699,7 @@ module Aws::Transfer
4102
5699
  # Accidentally changing a server's host key can be disruptive.
4103
5700
  #
4104
5701
  # For more information, see [Change the host key for your SFTP-enabled
4105
- # server][1] in the *Amazon Web Services Transfer Family User Guide*.
5702
+ # server][1] in the *Transfer Family User Guide*.
4106
5703
  #
4107
5704
  #
4108
5705
  #
@@ -4115,15 +5712,14 @@ module Aws::Transfer
4115
5712
  # @return [Types::IdentityProviderDetails]
4116
5713
  #
4117
5714
  # @!attribute [rw] logging_role
4118
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
4119
- # Identity and Access Management (IAM) role that allows a server to
4120
- # turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS
4121
- # events. When set, user activity can be viewed in your CloudWatch
4122
- # logs.
5715
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
5716
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
5717
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
5718
+ # activity in your CloudWatch logs.
4123
5719
  # @return [String]
4124
5720
  #
4125
5721
  # @!attribute [rw] post_authentication_login_banner
4126
- # Specify a string to display when users connect to a server. This
5722
+ # Specifies a string to display when users connect to a server. This
4127
5723
  # string is displayed after the user authenticates.
4128
5724
  #
4129
5725
  # <note markdown="1"> The SFTP protocol does not support post-authentication display
@@ -4133,9 +5729,9 @@ module Aws::Transfer
4133
5729
  # @return [String]
4134
5730
  #
4135
5731
  # @!attribute [rw] pre_authentication_login_banner
4136
- # Specify a string to display when users connect to a server. This
5732
+ # Specifies a string to display when users connect to a server. This
4137
5733
  # string is displayed before the user authenticates. For example, the
4138
- # following banner displays details about using the system.
5734
+ # following banner displays details about using the system:
4139
5735
  #
4140
5736
  # `This system is for the use of authorized users only. Individuals
4141
5737
  # using this computer system without authority, or in excess of their
@@ -4186,7 +5782,7 @@ module Aws::Transfer
4186
5782
  #
4187
5783
  # @!attribute [rw] workflow_details
4188
5784
  # Specifies the workflow ID for the workflow to assign and the
4189
- # execution role used for executing the workflow.
5785
+ # execution role that's used for executing the workflow.
4190
5786
  #
4191
5787
  # To remove an associated workflow from a server, you can provide an
4192
5788
  # empty `OnUpload` object, as in the following example.
@@ -4259,13 +5855,13 @@ module Aws::Transfer
4259
5855
  # @return [String]
4260
5856
  #
4261
5857
  # @!attribute [rw] home_directory_type
4262
- # The type of landing directory (folder) you want your users' home
4263
- # directory to be when they log into the server. If you set it to
4264
- # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
4265
- # as is in their file transfer protocol clients. If you set it
5858
+ # The type of landing directory (folder) that you want your users'
5859
+ # home directory to be when they log in to the server. If you set it
5860
+ # to `PATH`, the user will see the absolute Amazon S3 bucket or EFS
5861
+ # paths as is in their file transfer protocol clients. If you set it
4266
5862
  # `LOGICAL`, you need to provide mappings in the
4267
- # `HomeDirectoryMappings` for how you want to make Amazon S3 or EFS
4268
- # paths visible to your users.
5863
+ # `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon
5864
+ # EFS paths visible to your users.
4269
5865
  # @return [String]
4270
5866
  #
4271
5867
  # @!attribute [rw] home_directory_mappings
@@ -4274,10 +5870,10 @@ module Aws::Transfer
4274
5870
  # make them visible. You must specify the `Entry` and `Target` pair,
4275
5871
  # where `Entry` shows how the path is made visible and `Target` is the
4276
5872
  # actual Amazon S3 or Amazon EFS path. If you only specify a target,
4277
- # it is displayed as is. You also must ensure that your Amazon Web
4278
- # Services Identity and Access Management (IAM) role provides access
4279
- # to paths in `Target`. This value can only be set when
4280
- # `HomeDirectoryType` is set to *LOGICAL*.
5873
+ # it is displayed as is. You also must ensure that your Identity and
5874
+ # Access Management (IAM) role provides access to paths in `Target`.
5875
+ # This value can be set only when `HomeDirectoryType` is set to
5876
+ # *LOGICAL*.
4281
5877
  #
4282
5878
  # The following is an `Entry` and `Target` pair example.
4283
5879
  #
@@ -4295,19 +5891,19 @@ module Aws::Transfer
4295
5891
  # @return [Array<Types::HomeDirectoryMapEntry>]
4296
5892
  #
4297
5893
  # @!attribute [rw] policy
4298
- # A session policy for your user so that you can use the same IAM role
4299
- # across multiple users. This policy scopes down user access to
4300
- # portions of their Amazon S3 bucket. Variables that you can use
4301
- # inside this policy include `$\{Transfer:UserName\}`,
4302
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
5894
+ # A session policy for your user so that you can use the same Identity
5895
+ # and Access Management (IAM) role across multiple users. This policy
5896
+ # scopes down a user's access to portions of their Amazon S3 bucket.
5897
+ # Variables that you can use inside this policy include
5898
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
5899
+ # `$\{Transfer:HomeBucket\}`.
4303
5900
  #
4304
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
4305
- # use session policies.
5901
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
5902
+ # Amazon EFS does not use session policies.
4306
5903
  #
4307
- # For session policies, Amazon Web Services Transfer Family stores the
4308
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
4309
- # the policy. You save the policy as a JSON blob and pass it in the
4310
- # `Policy` argument.
5904
+ # For session policies, Transfer Family stores the policy as a JSON
5905
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
5906
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
4311
5907
  #
4312
5908
  # For an example of a session policy, see [Creating a session
4313
5909
  # policy][1].
@@ -4334,14 +5930,14 @@ module Aws::Transfer
4334
5930
  # @return [Types::PosixProfile]
4335
5931
  #
4336
5932
  # @!attribute [rw] role
4337
- # Specifies the Amazon Resource Name (ARN) of the IAM role that
4338
- # controls your users' access to your Amazon S3 bucket or EFS file
4339
- # system. The policies attached to this role determine the level of
4340
- # access that you want to provide your users when transferring files
4341
- # into and out of your Amazon S3 bucket or EFS file system. The IAM
4342
- # role should also contain a trust relationship that allows the server
4343
- # to access your resources when servicing your users' transfer
4344
- # requests.
5933
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
5934
+ # (IAM) role that controls your users' access to your Amazon S3
5935
+ # bucket or Amazon EFS file system. The policies attached to this role
5936
+ # determine the level of access that you want to provide your users
5937
+ # when transferring files into and out of your Amazon S3 bucket or
5938
+ # Amazon EFS file system. The IAM role should also contain a trust
5939
+ # relationship that allows the server to access your resources when
5940
+ # servicing your users' transfer requests.
4345
5941
  # @return [String]
4346
5942
  #
4347
5943
  # @!attribute [rw] server_id
@@ -4423,7 +6019,7 @@ module Aws::Transfer
4423
6019
  end
4424
6020
 
4425
6021
  # Specifies the workflow ID for the workflow to assign and the execution
4426
- # role used for executing the workflow.
6022
+ # role that's used for executing the workflow.
4427
6023
  #
4428
6024
  # @note When making an API call, you may pass WorkflowDetail
4429
6025
  # data as a hash:
@@ -4533,13 +6129,13 @@ module Aws::Transfer
4533
6129
  # @!attribute [rw] type
4534
6130
  # Currently, the following step types are supported.
4535
6131
  #
4536
- # * *COPY*\: copy the file to another location
6132
+ # * *COPY*\: Copy the file to another location.
4537
6133
  #
4538
- # * *CUSTOM*\: custom step with a lambda target
6134
+ # * *CUSTOM*\: Perform a custom step with an Lambda function target.
4539
6135
  #
4540
- # * *DELETE*\: delete the file
6136
+ # * *DELETE*\: Delete the file.
4541
6137
  #
4542
- # * *TAG*\: add a tag to the file
6138
+ # * *TAG*\: Add a tag to the file.
4543
6139
  # @return [String]
4544
6140
  #
4545
6141
  # @!attribute [rw] copy_step_details