aws-sdk-transfer 1.56.0 → 1.57.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -363,11 +363,11 @@ module Aws::Transfer
363
363
 
364
364
  # Used by administrators to choose which groups in the directory should
365
365
  # have access to upload and download files over the enabled protocols
366
- # using Amazon Web Services Transfer Family. For example, a Microsoft
367
- # Active Directory might contain 50,000 users, but only a small fraction
368
- # might need the ability to transfer files to the server. An
369
- # administrator can use `CreateAccess` to limit the access to the
370
- # correct set of users who need this ability.
366
+ # using Transfer Family. For example, a Microsoft Active Directory might
367
+ # contain 50,000 users, but only a small fraction might need the ability
368
+ # to transfer files to the server. An administrator can use
369
+ # `CreateAccess` to limit the access to the correct set of users who
370
+ # need this ability.
371
371
  #
372
372
  # @option params [String] :home_directory
373
373
  # The landing directory (folder) for a user when they log in to the
@@ -376,12 +376,13 @@ module Aws::Transfer
376
376
  # A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
377
377
  #
378
378
  # @option params [String] :home_directory_type
379
- # The type of landing directory (folder) you want your users' home
380
- # directory to be when they log into the server. If you set it to
379
+ # The type of landing directory (folder) that you want your users' home
380
+ # directory to be when they log in to the server. If you set it to
381
381
  # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
382
382
  # as is in their file transfer protocol clients. If you set it
383
383
  # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings`
384
- # for how you want to make Amazon S3 or EFS paths visible to your users.
384
+ # for how you want to make Amazon S3 or Amazon EFS paths visible to your
385
+ # users.
385
386
  #
386
387
  # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
387
388
  # Logical directory mappings that specify what Amazon S3 or Amazon EFS
@@ -389,10 +390,9 @@ module Aws::Transfer
389
390
  # them visible. You must specify the `Entry` and `Target` pair, where
390
391
  # `Entry` shows how the path is made visible and `Target` is the actual
391
392
  # Amazon S3 or Amazon EFS path. If you only specify a target, it is
392
- # displayed as is. You also must ensure that your Amazon Web Services
393
- # Identity and Access Management (IAM) role provides access to paths in
394
- # `Target`. This value can only be set when `HomeDirectoryType` is set
395
- # to *LOGICAL*.
393
+ # displayed as is. You also must ensure that your Identity and Access
394
+ # Management (IAM) role provides access to paths in `Target`. This value
395
+ # can be set only when `HomeDirectoryType` is set to *LOGICAL*.
396
396
  #
397
397
  # The following is an `Entry` and `Target` pair example.
398
398
  #
@@ -409,24 +409,24 @@ module Aws::Transfer
409
409
  # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
410
410
  #
411
411
  # @option params [String] :policy
412
- # A session policy for your user so that you can use the same IAM role
413
- # across multiple users. This policy scopes down user access to portions
414
- # of their Amazon S3 bucket. Variables that you can use inside this
415
- # policy include `$\{Transfer:UserName\}`,
416
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
412
+ # A session policy for your user so that you can use the same Identity
413
+ # and Access Management (IAM) role across multiple users. This policy
414
+ # scopes down a user's access to portions of their Amazon S3 bucket.
415
+ # Variables that you can use inside this policy include
416
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
417
+ # `$\{Transfer:HomeBucket\}`.
417
418
  #
418
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
419
- # use session policies.
419
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
420
+ # Amazon EFS does not use session policies.
420
421
  #
421
- # For session policies, Amazon Web Services Transfer Family stores the
422
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
423
- # the policy. You save the policy as a JSON blob and pass it in the
424
- # `Policy` argument.
422
+ # For session policies, Transfer Family stores the policy as a JSON
423
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
424
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
425
425
  #
426
426
  # For an example of a session policy, see [Example session policy][1].
427
427
  #
428
- # For more information, see [AssumeRole][2] in the *Amazon Web Services
429
- # Security Token Service API Reference*.
428
+ # For more information, see [AssumeRole][2] in the *Security Token
429
+ # Service API Reference*.
430
430
  #
431
431
  # </note>
432
432
  #
@@ -444,13 +444,14 @@ module Aws::Transfer
444
444
  # out of your Amazon EFS file systems.
445
445
  #
446
446
  # @option params [required, String] :role
447
- # Specifies the Amazon Resource Name (ARN) of the IAM role that controls
448
- # your users' access to your Amazon S3 bucket or EFS file system. The
449
- # policies attached to this role determine the level of access that you
450
- # want to provide your users when transferring files into and out of
451
- # your Amazon S3 bucket or EFS file system. The IAM role should also
452
- # contain a trust relationship that allows the server to access your
453
- # resources when servicing your users' transfer requests.
447
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
448
+ # (IAM) role that controls your users' access to your Amazon S3 bucket
449
+ # or Amazon EFS file system. The policies attached to this role
450
+ # determine the level of access that you want to provide your users when
451
+ # transferring files into and out of your Amazon S3 bucket or Amazon EFS
452
+ # file system. The IAM role should also contain a trust relationship
453
+ # that allows the server to access your resources when servicing your
454
+ # users' transfer requests.
454
455
  #
455
456
  # @option params [required, String] :server_id
456
457
  # A system-assigned unique identifier for a server instance. This is the
@@ -460,9 +461,9 @@ module Aws::Transfer
460
461
  # A unique identifier that is required to identify specific groups
461
462
  # within your directory. The users of the group that you associate have
462
463
  # access to your Amazon S3 or Amazon EFS resources over the enabled
463
- # protocols using Amazon Web Services Transfer Family. If you know the
464
- # group name, you can view the SID values by running the following
465
- # command using Windows PowerShell.
464
+ # protocols using Transfer Family. If you know the group name, you can
465
+ # view the SID values by running the following command using Windows
466
+ # PowerShell.
466
467
  #
467
468
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
468
469
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -470,10 +471,10 @@ module Aws::Transfer
470
471
  # In that command, replace *YourGroupName* with the name of your Active
471
472
  # Directory group.
472
473
  #
473
- # The regex used to validate this parameter is a string of characters
474
- # consisting of uppercase and lowercase alphanumeric characters with no
475
- # spaces. You can also include underscores or any of the following
476
- # characters: =,.@:/-
474
+ # The regular expression used to validate this parameter is a string of
475
+ # characters consisting of uppercase and lowercase alphanumeric
476
+ # characters with no spaces. You can also include underscores or any of
477
+ # the following characters: =,.@:/-
477
478
  #
478
479
  # @return [Types::CreateAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
479
480
  #
@@ -516,6 +517,214 @@ module Aws::Transfer
516
517
  req.send_request(options)
517
518
  end
518
519
 
520
+ # Creates an agreement. An agreement is a bilateral trading partner
521
+ # agreement, or partnership, between an Transfer Family server and an
522
+ # AS2 process. The agreement defines the file and message transfer
523
+ # relationship between the server and the AS2 process. To define an
524
+ # agreement, Transfer Family combines a server, local profile, partner
525
+ # profile, certificate, and other attributes.
526
+ #
527
+ # The partner is identified with the `PartnerProfileId`, and the AS2
528
+ # process is identified with the `LocalProfileId`.
529
+ #
530
+ # @option params [String] :description
531
+ # A name or short description to identify the agreement.
532
+ #
533
+ # @option params [required, String] :server_id
534
+ # A system-assigned unique identifier for a server instance. This is the
535
+ # specific server that the agreement uses.
536
+ #
537
+ # @option params [required, String] :local_profile_id
538
+ # A unique identifier for the AS2 local profile.
539
+ #
540
+ # @option params [required, String] :partner_profile_id
541
+ # A unique identifier for the partner profile used in the agreement.
542
+ #
543
+ # @option params [required, String] :base_directory
544
+ # The landing directory (folder) for files transferred by using the AS2
545
+ # protocol.
546
+ #
547
+ # A `BaseDirectory` example is `/DOC-EXAMPLE-BUCKET/home/mydirectory `.
548
+ #
549
+ # @option params [required, String] :access_role
550
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
551
+ # (IAM) role that grants access to at least the `HomeDirectory` of your
552
+ # users' Amazon S3 buckets.
553
+ #
554
+ # @option params [String] :status
555
+ # The status of the agreement. The agreement can be either `ACTIVE` or
556
+ # `INACTIVE`.
557
+ #
558
+ # @option params [Array<Types::Tag>] :tags
559
+ # Key-value pairs that can be used to group and search for agreements.
560
+ #
561
+ # @return [Types::CreateAgreementResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
562
+ #
563
+ # * {Types::CreateAgreementResponse#agreement_id #agreement_id} => String
564
+ #
565
+ # @example Request syntax with placeholder values
566
+ #
567
+ # resp = client.create_agreement({
568
+ # description: "Description",
569
+ # server_id: "ServerId", # required
570
+ # local_profile_id: "ProfileId", # required
571
+ # partner_profile_id: "ProfileId", # required
572
+ # base_directory: "HomeDirectory", # required
573
+ # access_role: "Role", # required
574
+ # status: "ACTIVE", # accepts ACTIVE, INACTIVE
575
+ # tags: [
576
+ # {
577
+ # key: "TagKey", # required
578
+ # value: "TagValue", # required
579
+ # },
580
+ # ],
581
+ # })
582
+ #
583
+ # @example Response structure
584
+ #
585
+ # resp.agreement_id #=> String
586
+ #
587
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateAgreement AWS API Documentation
588
+ #
589
+ # @overload create_agreement(params = {})
590
+ # @param [Hash] params ({})
591
+ def create_agreement(params = {}, options = {})
592
+ req = build_request(:create_agreement, params)
593
+ req.send_request(options)
594
+ end
595
+
596
+ # Creates the connector, which captures the parameters for an outbound
597
+ # connection for the AS2 protocol. The connector is required for sending
598
+ # files from a customer's non Amazon Web Services server.
599
+ #
600
+ # @option params [required, String] :url
601
+ # The URL of the partner's AS2 endpoint.
602
+ #
603
+ # @option params [required, Types::As2ConnectorConfig] :as_2_config
604
+ # A structure that contains the parameters for a connector object.
605
+ #
606
+ # @option params [required, String] :access_role
607
+ # With AS2, you can send files by calling `StartFileTransfer` and
608
+ # specifying the file paths in the request parameter, `SendFilePaths`.
609
+ # We use the file’s parent directory (for example, for
610
+ # `--send-file-paths /bucket/dir/file.txt`, parent directory is
611
+ # `/bucket/dir/`) to temporarily store a processed AS2 message file,
612
+ # store the MDN when we receive them from the partner, and write a final
613
+ # JSON file containing relevant metadata of the transmission. So, the
614
+ # `AccessRole` needs to provide read and write access to the parent
615
+ # directory of the file location used in the `StartFileTransfer`
616
+ # request. Additionally, you need to provide read and write access to
617
+ # the parent directory of the files that you intend to send with
618
+ # `StartFileTransfer`.
619
+ #
620
+ # @option params [String] :logging_role
621
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
622
+ # (IAM) role that allows a connector to turn on CloudWatch logging for
623
+ # Amazon S3 events. When set, you can view connector activity in your
624
+ # CloudWatch logs.
625
+ #
626
+ # @option params [Array<Types::Tag>] :tags
627
+ # Key-value pairs that can be used to group and search for connectors.
628
+ # Tags are metadata attached to connectors for any purpose.
629
+ #
630
+ # @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
631
+ #
632
+ # * {Types::CreateConnectorResponse#connector_id #connector_id} => String
633
+ #
634
+ # @example Request syntax with placeholder values
635
+ #
636
+ # resp = client.create_connector({
637
+ # url: "Url", # required
638
+ # as_2_config: { # required
639
+ # local_profile_id: "ProfileId",
640
+ # partner_profile_id: "ProfileId",
641
+ # message_subject: "MessageSubject",
642
+ # compression: "ZLIB", # accepts ZLIB, DISABLED
643
+ # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC
644
+ # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
645
+ # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
646
+ # mdn_response: "SYNC", # accepts SYNC, NONE
647
+ # },
648
+ # access_role: "Role", # required
649
+ # logging_role: "Role",
650
+ # tags: [
651
+ # {
652
+ # key: "TagKey", # required
653
+ # value: "TagValue", # required
654
+ # },
655
+ # ],
656
+ # })
657
+ #
658
+ # @example Response structure
659
+ #
660
+ # resp.connector_id #=> String
661
+ #
662
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateConnector AWS API Documentation
663
+ #
664
+ # @overload create_connector(params = {})
665
+ # @param [Hash] params ({})
666
+ def create_connector(params = {}, options = {})
667
+ req = build_request(:create_connector, params)
668
+ req.send_request(options)
669
+ end
670
+
671
+ # Creates the profile for the AS2 process. The agreement is between the
672
+ # partner and the AS2 process.
673
+ #
674
+ # @option params [required, String] :as_2_id
675
+ # The `As2Id` is the *AS2-name*, as defined in the defined in the [RFC
676
+ # 4130][1]. For inbound transfers, this is the `AS2-From` header for the
677
+ # AS2 messages sent from the partner. For outbound connectors, this is
678
+ # the `AS2-To` header for the AS2 messages sent to the partner using the
679
+ # `StartFileTransfer` API operation. This ID cannot include spaces.
680
+ #
681
+ #
682
+ #
683
+ # [1]: https://datatracker.ietf.org/doc/html/rfc4130
684
+ #
685
+ # @option params [required, String] :profile_type
686
+ # Indicates whether to list only `LOCAL` type profiles or only `PARTNER`
687
+ # type profiles. If not supplied in the request, the command lists all
688
+ # types of profiles.
689
+ #
690
+ # @option params [Array<String>] :certificate_ids
691
+ # An array of identifiers for the imported certificates. You use this
692
+ # identifier for working with profiles and partner profiles.
693
+ #
694
+ # @option params [Array<Types::Tag>] :tags
695
+ # Key-value pairs that can be used to group and search for AS2 profiles.
696
+ #
697
+ # @return [Types::CreateProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
698
+ #
699
+ # * {Types::CreateProfileResponse#profile_id #profile_id} => String
700
+ #
701
+ # @example Request syntax with placeholder values
702
+ #
703
+ # resp = client.create_profile({
704
+ # as_2_id: "As2Id", # required
705
+ # profile_type: "LOCAL", # required, accepts LOCAL, PARTNER
706
+ # certificate_ids: ["CertificateId"],
707
+ # tags: [
708
+ # {
709
+ # key: "TagKey", # required
710
+ # value: "TagValue", # required
711
+ # },
712
+ # ],
713
+ # })
714
+ #
715
+ # @example Response structure
716
+ #
717
+ # resp.profile_id #=> String
718
+ #
719
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateProfile AWS API Documentation
720
+ #
721
+ # @overload create_profile(params = {})
722
+ # @param [Hash] params ({})
723
+ def create_profile(params = {}, options = {})
724
+ req = build_request(:create_profile, params)
725
+ req.send_request(options)
726
+ end
727
+
519
728
  # Instantiates an auto-scaling virtual server based on the selected file
520
729
  # transfer protocol in Amazon Web Services. When you make updates to
521
730
  # your file transfer protocol-enabled server or when you work with
@@ -523,20 +732,18 @@ module Aws::Transfer
523
732
  # to the newly created server.
524
733
  #
525
734
  # @option params [String] :certificate
526
- # The Amazon Resource Name (ARN) of the Amazon Web Services Certificate
527
- # Manager (ACM) certificate. Required when `Protocols` is set to `FTPS`.
735
+ # The Amazon Resource Name (ARN) of the Certificate Manager (ACM)
736
+ # certificate. Required when `Protocols` is set to `FTPS`.
528
737
  #
529
738
  # To request a new public certificate, see [Request a public
530
- # certificate][1] in the <i> Amazon Web Services Certificate Manager
531
- # User Guide</i>.
739
+ # certificate][1] in the *Certificate Manager User Guide*.
532
740
  #
533
741
  # To import an existing certificate into ACM, see [Importing
534
- # certificates into ACM][2] in the <i> Amazon Web Services Certificate
535
- # Manager User Guide</i>.
742
+ # certificates into ACM][2] in the *Certificate Manager User Guide*.
536
743
  #
537
744
  # To request a private certificate to use FTPS through private IP
538
- # addresses, see [Request a private certificate][3] in the <i> Amazon
539
- # Web Services Certificate Manager User Guide</i>.
745
+ # addresses, see [Request a private certificate][3] in the *Certificate
746
+ # Manager User Guide*.
540
747
  #
541
748
  # Certificates with the following cryptographic algorithms and key sizes
542
749
  # are supported:
@@ -575,10 +782,10 @@ module Aws::Transfer
575
782
  # @option params [Types::EndpointDetails] :endpoint_details
576
783
  # The virtual private cloud (VPC) endpoint settings that are configured
577
784
  # for your server. When you host your endpoint within your VPC, you can
578
- # make it accessible only to resources within your VPC, or you can
579
- # attach Elastic IP addresses and make it accessible to clients over the
580
- # internet. Your VPC's default security groups are automatically
581
- # assigned to your endpoint.
785
+ # make your endpoint accessible only to resources within your VPC, or
786
+ # you can attach Elastic IP addresses and make your endpoint accessible
787
+ # to clients over the internet. Your VPC's default security groups are
788
+ # automatically assigned to your endpoint.
582
789
  #
583
790
  # @option params [String] :endpoint_type
584
791
  # The type of endpoint that you want your server to use. You can choose
@@ -615,8 +822,8 @@ module Aws::Transfer
615
822
  #
616
823
  # `ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key`.
617
824
  #
618
- # Use a minimum value of 2048 for the `-b` option: you can create a
619
- # stronger key using 3072 or 4096.
825
+ # Use a minimum value of 2048 for the `-b` option. You can create a
826
+ # stronger key by using 3072 or 4096.
620
827
  #
621
828
  # Use the following command to generate an ECDSA 256 bit key with no
622
829
  # passphrase:
@@ -638,7 +845,7 @@ module Aws::Transfer
638
845
  # Accidentally changing a server's host key can be disruptive.
639
846
  #
640
847
  # For more information, see [Change the host key for your SFTP-enabled
641
- # server][1] in the *Amazon Web Services Transfer Family User Guide*.
848
+ # server][1] in the *Transfer Family User Guide*.
642
849
  #
643
850
  #
644
851
  #
@@ -652,34 +859,35 @@ module Aws::Transfer
652
859
  # Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`.
653
860
  #
654
861
  # @option params [String] :identity_provider_type
655
- # Specifies the mode of authentication for a server. The default value
656
- # is `SERVICE_MANAGED`, which allows you to store and access user
657
- # credentials within the Amazon Web Services Transfer Family service.
862
+ # The mode of authentication for a server. The default value is
863
+ # `SERVICE_MANAGED`, which allows you to store and access user
864
+ # credentials within the Transfer Family service.
658
865
  #
659
866
  # Use `AWS_DIRECTORY_SERVICE` to provide access to Active Directory
660
- # groups in Amazon Web Services Managed Active Directory or Microsoft
661
- # Active Directory in your on-premises environment or in Amazon Web
662
- # Services using AD Connectors. This option also requires you to provide
663
- # a Directory ID using the `IdentityProviderDetails` parameter.
867
+ # groups in Directory Service for Microsoft Active Directory or
868
+ # Microsoft Active Directory in your on-premises environment or in
869
+ # Amazon Web Services using AD Connector. This option also requires you
870
+ # to provide a Directory ID by using the `IdentityProviderDetails`
871
+ # parameter.
664
872
  #
665
873
  # Use the `API_GATEWAY` value to integrate with an identity provider of
666
874
  # your choosing. The `API_GATEWAY` setting requires you to provide an
667
- # API Gateway endpoint URL to call for authentication using the
668
- # `IdentityProviderDetails` parameter.
875
+ # Amazon API Gateway endpoint URL to call for authentication by using
876
+ # the `IdentityProviderDetails` parameter.
669
877
  #
670
- # Use the `AWS_LAMBDA` value to directly use a Lambda function as your
878
+ # Use the `AWS_LAMBDA` value to directly use an Lambda function as your
671
879
  # identity provider. If you choose this value, you must specify the ARN
672
- # for the lambda function in the `Function` parameter for the
880
+ # for the Lambda function in the `Function` parameter or the
673
881
  # `IdentityProviderDetails` data type.
674
882
  #
675
883
  # @option params [String] :logging_role
676
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
677
- # Identity and Access Management (IAM) role that allows a server to turn
678
- # on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When
679
- # set, user activity can be viewed in your CloudWatch logs.
884
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
885
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
886
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
887
+ # activity in your CloudWatch logs.
680
888
  #
681
889
  # @option params [String] :post_authentication_login_banner
682
- # Specify a string to display when users connect to a server. This
890
+ # Specifies a string to display when users connect to a server. This
683
891
  # string is displayed after the user authenticates.
684
892
  #
685
893
  # <note markdown="1"> The SFTP protocol does not support post-authentication display
@@ -688,9 +896,9 @@ module Aws::Transfer
688
896
  # </note>
689
897
  #
690
898
  # @option params [String] :pre_authentication_login_banner
691
- # Specify a string to display when users connect to a server. This
899
+ # Specifies a string to display when users connect to a server. This
692
900
  # string is displayed before the user authenticates. For example, the
693
- # following banner displays details about using the system.
901
+ # following banner displays details about using the system:
694
902
  #
695
903
  # `This system is for the use of authorized users only. Individuals
696
904
  # using this computer system without authority, or in excess of their
@@ -710,42 +918,52 @@ module Aws::Transfer
710
918
  #
711
919
  # * `FTP` (File Transfer Protocol): Unencrypted file transfer
712
920
  #
713
- # <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in Amazon
714
- # Web Services Certificate Manager (ACM) which is used to identify your
715
- # server when clients connect to it over FTPS.
921
+ # * `AS2` (Applicability Statement 2): used for transporting structured
922
+ # business-to-business data
716
923
  #
717
- # If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType`
718
- # must be `VPC` and the `IdentityProviderType` must be
719
- # `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`.
924
+ # <note markdown="1"> * If you select `FTPS`, you must choose a certificate stored in
925
+ # Certificate Manager (ACM) which is used to identify your server when
926
+ # clients connect to it over FTPS.
720
927
  #
721
- # If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
722
- # associated.
928
+ # * If `Protocol` includes either `FTP` or `FTPS`, then the
929
+ # `EndpointType` must be `VPC` and the `IdentityProviderType` must be
930
+ # `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`.
723
931
  #
724
- # If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to
725
- # `PUBLIC` and the `IdentityProviderType` can be set to
726
- # `SERVICE_MANAGED`.
932
+ # * If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be
933
+ # associated.
934
+ #
935
+ # * If `Protocol` is set only to `SFTP`, the `EndpointType` can be set
936
+ # to `PUBLIC` and the `IdentityProviderType` can be set to
937
+ # `SERVICE_MANAGED`.
938
+ #
939
+ # * If `Protocol` includes `AS2`, then the `EndpointType` must be `VPC`,
940
+ # and domain must be Amazon S3.
727
941
  #
728
942
  # </note>
729
943
  #
730
944
  # @option params [Types::ProtocolDetails] :protocol_details
731
945
  # The protocol settings that are configured for your server.
732
946
  #
733
- # * Use the `PassiveIp` parameter to indicate passive mode (for FTP and
734
- # FTPS protocols). Enter a single dotted-quad IPv4 address, such as
735
- # the external IP address of a firewall, router, or load balancer.
947
+ # * To indicate passive mode (for FTP and FTPS protocols), use the
948
+ # `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such
949
+ # as the external IP address of a firewall, router, or load balancer.
736
950
  #
737
- # * Use the `SetStatOption` to ignore the error that is generated when
738
- # the client attempts to use SETSTAT on a file you are uploading to an
739
- # S3 bucket. Set the value to `ENABLE_NO_OP` to have the Transfer
740
- # Family server ignore the SETSTAT command, and upload files without
741
- # needing to make any changes to your SFTP client. Note that with
742
- # `SetStatOption` set to `ENABLE_NO_OP`, Transfer generates a log
743
- # entry to CloudWatch Logs, so you can determine when the client is
744
- # making a SETSTAT call.
951
+ # * To ignore the error that is generated when the client attempts to
952
+ # use the `SETSTAT` command on a file that you are uploading to an
953
+ # Amazon S3 bucket, use the `SetStatOption` parameter. To have the
954
+ # Transfer Family server ignore the `SETSTAT` command and upload files
955
+ # without needing to make any changes to your SFTP client, set the
956
+ # value to `ENABLE_NO_OP`. If you set the `SetStatOption` parameter to
957
+ # `ENABLE_NO_OP`, Transfer Family generates a log entry to Amazon
958
+ # CloudWatch Logs, so that you can determine when the client is making
959
+ # a `SETSTAT` call.
745
960
  #
746
- # * Use the `TlsSessionResumptionMode` parameter to determine whether or
747
- # not your Transfer server resumes recent, negotiated sessions through
748
- # a unique session ID.
961
+ # * To determine whether your Transfer Family server resumes recent,
962
+ # negotiated sessions through a unique session ID, use the
963
+ # `TlsSessionResumptionMode` parameter.
964
+ #
965
+ # * `As2Transports` indicates the transport method for the AS2 messages.
966
+ # Currently, only HTTP is supported.
749
967
  #
750
968
  # @option params [String] :security_policy_name
751
969
  # Specifies the name of the security policy that is attached to the
@@ -756,7 +974,7 @@ module Aws::Transfer
756
974
  #
757
975
  # @option params [Types::WorkflowDetails] :workflow_details
758
976
  # Specifies the workflow ID for the workflow to assign and the execution
759
- # role used for executing the workflow.
977
+ # role that's used for executing the workflow.
760
978
  #
761
979
  # @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
762
980
  #
@@ -786,11 +1004,12 @@ module Aws::Transfer
786
1004
  # logging_role: "Role",
787
1005
  # post_authentication_login_banner: "PostAuthenticationLoginBanner",
788
1006
  # pre_authentication_login_banner: "PreAuthenticationLoginBanner",
789
- # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
1007
+ # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS, AS2
790
1008
  # protocol_details: {
791
1009
  # passive_ip: "PassiveIp",
792
1010
  # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
793
1011
  # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP
1012
+ # as_2_transports: ["HTTP"], # accepts HTTP
794
1013
  # },
795
1014
  # security_policy_name: "SecurityPolicyName",
796
1015
  # tags: [
@@ -827,9 +1046,9 @@ module Aws::Transfer
827
1046
  # servers that have the `IdentityProviderType` set to `SERVICE_MANAGED`.
828
1047
  # Using parameters for `CreateUser`, you can specify the user name, set
829
1048
  # the home directory, store the user's public key, and assign the
830
- # user's Amazon Web Services Identity and Access Management (IAM) role.
831
- # You can also optionally add a session policy, and assign metadata with
832
- # tags that can be used to group and search for users.
1049
+ # user's Identity and Access Management (IAM) role. You can also
1050
+ # optionally add a session policy, and assign metadata with tags that
1051
+ # can be used to group and search for users.
833
1052
  #
834
1053
  # @option params [String] :home_directory
835
1054
  # The landing directory (folder) for a user when they log in to the
@@ -838,12 +1057,13 @@ module Aws::Transfer
838
1057
  # A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
839
1058
  #
840
1059
  # @option params [String] :home_directory_type
841
- # The type of landing directory (folder) you want your users' home
842
- # directory to be when they log into the server. If you set it to
1060
+ # The type of landing directory (folder) that you want your users' home
1061
+ # directory to be when they log in to the server. If you set it to
843
1062
  # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
844
1063
  # as is in their file transfer protocol clients. If you set it
845
1064
  # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings`
846
- # for how you want to make Amazon S3 or EFS paths visible to your users.
1065
+ # for how you want to make Amazon S3 or Amazon EFS paths visible to your
1066
+ # users.
847
1067
  #
848
1068
  # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
849
1069
  # Logical directory mappings that specify what Amazon S3 or Amazon EFS
@@ -851,10 +1071,9 @@ module Aws::Transfer
851
1071
  # them visible. You must specify the `Entry` and `Target` pair, where
852
1072
  # `Entry` shows how the path is made visible and `Target` is the actual
853
1073
  # Amazon S3 or Amazon EFS path. If you only specify a target, it is
854
- # displayed as is. You also must ensure that your Amazon Web Services
855
- # Identity and Access Management (IAM) role provides access to paths in
856
- # `Target`. This value can only be set when `HomeDirectoryType` is set
857
- # to *LOGICAL*.
1074
+ # displayed as is. You also must ensure that your Identity and Access
1075
+ # Management (IAM) role provides access to paths in `Target`. This value
1076
+ # can be set only when `HomeDirectoryType` is set to *LOGICAL*.
858
1077
  #
859
1078
  # The following is an `Entry` and `Target` pair example.
860
1079
  #
@@ -871,19 +1090,19 @@ module Aws::Transfer
871
1090
  # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
872
1091
  #
873
1092
  # @option params [String] :policy
874
- # A session policy for your user so that you can use the same IAM role
875
- # across multiple users. This policy scopes down user access to portions
876
- # of their Amazon S3 bucket. Variables that you can use inside this
877
- # policy include `$\{Transfer:UserName\}`,
878
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
1093
+ # A session policy for your user so that you can use the same Identity
1094
+ # and Access Management (IAM) role across multiple users. This policy
1095
+ # scopes down a user's access to portions of their Amazon S3 bucket.
1096
+ # Variables that you can use inside this policy include
1097
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
1098
+ # `$\{Transfer:HomeBucket\}`.
879
1099
  #
880
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
881
- # use session policies.
1100
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
1101
+ # Amazon EFS does not use session policies.
882
1102
  #
883
- # For session policies, Amazon Web Services Transfer Family stores the
884
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
885
- # the policy. You save the policy as a JSON blob and pass it in the
886
- # `Policy` argument.
1103
+ # For session policies, Transfer Family stores the policy as a JSON
1104
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
1105
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
887
1106
  #
888
1107
  # For an example of a session policy, see [Example session policy][1].
889
1108
  #
@@ -906,13 +1125,14 @@ module Aws::Transfer
906
1125
  # into and out of your Amazon EFS file systems.
907
1126
  #
908
1127
  # @option params [required, String] :role
909
- # Specifies the Amazon Resource Name (ARN) of the IAM role that controls
910
- # your users' access to your Amazon S3 bucket or EFS file system. The
911
- # policies attached to this role determine the level of access that you
912
- # want to provide your users when transferring files into and out of
913
- # your Amazon S3 bucket or EFS file system. The IAM role should also
914
- # contain a trust relationship that allows the server to access your
915
- # resources when servicing your users' transfer requests.
1128
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
1129
+ # (IAM) role that controls your users' access to your Amazon S3 bucket
1130
+ # or Amazon EFS file system. The policies attached to this role
1131
+ # determine the level of access that you want to provide your users when
1132
+ # transferring files into and out of your Amazon S3 bucket or Amazon EFS
1133
+ # file system. The IAM role should also contain a trust relationship
1134
+ # that allows the server to access your resources when servicing your
1135
+ # users' transfer requests.
916
1136
  #
917
1137
  # @option params [required, String] :server_id
918
1138
  # A system-assigned unique identifier for a server instance. This is the
@@ -999,20 +1219,20 @@ module Aws::Transfer
999
1219
  # The `TYPE` specifies which of the following actions is being taken for
1000
1220
  # this step.
1001
1221
  #
1002
- # * *COPY*\: copy the file to another location
1222
+ # * *COPY*\: Copy the file to another location.
1003
1223
  #
1004
- # * *CUSTOM*\: custom step with a lambda target
1224
+ # * *CUSTOM*\: Perform a custom step with an Lambda function target.
1005
1225
  #
1006
- # * *DELETE*\: delete the file
1226
+ # * *DELETE*\: Delete the file.
1007
1227
  #
1008
- # * *TAG*\: add a tag to the file
1228
+ # * *TAG*\: Add a tag to the file.
1009
1229
  #
1010
1230
  # <note markdown="1"> Currently, copying and tagging are supported only on S3.
1011
1231
  #
1012
1232
  # </note>
1013
1233
  #
1014
1234
  # For file location, you specify either the S3 bucket and key, or the
1015
- # EFS filesystem ID and path.
1235
+ # EFS file system ID and path.
1016
1236
  #
1017
1237
  # @option params [Array<Types::WorkflowStep>] :on_exception_steps
1018
1238
  # Specifies the steps (actions) to take if errors are encountered during
@@ -1149,9 +1369,9 @@ module Aws::Transfer
1149
1369
  # A unique identifier that is required to identify specific groups
1150
1370
  # within your directory. The users of the group that you associate have
1151
1371
  # access to your Amazon S3 or Amazon EFS resources over the enabled
1152
- # protocols using Amazon Web Services Transfer Family. If you know the
1153
- # group name, you can view the SID values by running the following
1154
- # command using Windows PowerShell.
1372
+ # protocols using Transfer Family. If you know the group name, you can
1373
+ # view the SID values by running the following command using Windows
1374
+ # PowerShell.
1155
1375
  #
1156
1376
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
1157
1377
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -1159,10 +1379,10 @@ module Aws::Transfer
1159
1379
  # In that command, replace *YourGroupName* with the name of your Active
1160
1380
  # Directory group.
1161
1381
  #
1162
- # The regex used to validate this parameter is a string of characters
1163
- # consisting of uppercase and lowercase alphanumeric characters with no
1164
- # spaces. You can also include underscores or any of the following
1165
- # characters: =,.@:/-
1382
+ # The regular expression used to validate this parameter is a string of
1383
+ # characters consisting of uppercase and lowercase alphanumeric
1384
+ # characters with no spaces. You can also include underscores or any of
1385
+ # the following characters: =,.@:/-
1166
1386
  #
1167
1387
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1168
1388
  #
@@ -1182,6 +1402,100 @@ module Aws::Transfer
1182
1402
  req.send_request(options)
1183
1403
  end
1184
1404
 
1405
+ # Delete the agreement that's specified in the provided `AgreementId`.
1406
+ #
1407
+ # @option params [required, String] :agreement_id
1408
+ # A unique identifier for the agreement. This identifier is returned
1409
+ # when you create an agreement.
1410
+ #
1411
+ # @option params [required, String] :server_id
1412
+ # The server ID associated with the agreement that you are deleting.
1413
+ #
1414
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1415
+ #
1416
+ # @example Request syntax with placeholder values
1417
+ #
1418
+ # resp = client.delete_agreement({
1419
+ # agreement_id: "AgreementId", # required
1420
+ # server_id: "ServerId", # required
1421
+ # })
1422
+ #
1423
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteAgreement AWS API Documentation
1424
+ #
1425
+ # @overload delete_agreement(params = {})
1426
+ # @param [Hash] params ({})
1427
+ def delete_agreement(params = {}, options = {})
1428
+ req = build_request(:delete_agreement, params)
1429
+ req.send_request(options)
1430
+ end
1431
+
1432
+ # Deletes the certificate that's specified in the `CertificateId`
1433
+ # parameter.
1434
+ #
1435
+ # @option params [required, String] :certificate_id
1436
+ # The ID of the certificate object that you are deleting.
1437
+ #
1438
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1439
+ #
1440
+ # @example Request syntax with placeholder values
1441
+ #
1442
+ # resp = client.delete_certificate({
1443
+ # certificate_id: "CertificateId", # required
1444
+ # })
1445
+ #
1446
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteCertificate AWS API Documentation
1447
+ #
1448
+ # @overload delete_certificate(params = {})
1449
+ # @param [Hash] params ({})
1450
+ def delete_certificate(params = {}, options = {})
1451
+ req = build_request(:delete_certificate, params)
1452
+ req.send_request(options)
1453
+ end
1454
+
1455
+ # Deletes the agreement that's specified in the provided `ConnectorId`.
1456
+ #
1457
+ # @option params [required, String] :connector_id
1458
+ # The unique identifier for the connector.
1459
+ #
1460
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1461
+ #
1462
+ # @example Request syntax with placeholder values
1463
+ #
1464
+ # resp = client.delete_connector({
1465
+ # connector_id: "ConnectorId", # required
1466
+ # })
1467
+ #
1468
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteConnector AWS API Documentation
1469
+ #
1470
+ # @overload delete_connector(params = {})
1471
+ # @param [Hash] params ({})
1472
+ def delete_connector(params = {}, options = {})
1473
+ req = build_request(:delete_connector, params)
1474
+ req.send_request(options)
1475
+ end
1476
+
1477
+ # Deletes the profile that's specified in the `ProfileId` parameter.
1478
+ #
1479
+ # @option params [required, String] :profile_id
1480
+ # The ID of the profile that you are deleting.
1481
+ #
1482
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1483
+ #
1484
+ # @example Request syntax with placeholder values
1485
+ #
1486
+ # resp = client.delete_profile({
1487
+ # profile_id: "ProfileId", # required
1488
+ # })
1489
+ #
1490
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteProfile AWS API Documentation
1491
+ #
1492
+ # @overload delete_profile(params = {})
1493
+ # @param [Hash] params ({})
1494
+ def delete_profile(params = {}, options = {})
1495
+ req = build_request(:delete_profile, params)
1496
+ req.send_request(options)
1497
+ end
1498
+
1185
1499
  # Deletes the file transfer protocol-enabled server that you specify.
1186
1500
  #
1187
1501
  # No response returns from this operation.
@@ -1297,7 +1611,7 @@ module Aws::Transfer
1297
1611
 
1298
1612
  # Describes the access that is assigned to the specific file transfer
1299
1613
  # protocol-enabled server, as identified by its `ServerId` property and
1300
- # its `ExternalID`.
1614
+ # its `ExternalId`.
1301
1615
  #
1302
1616
  # The response from this call returns the properties of the access that
1303
1617
  # is associated with the `ServerId` value that was specified.
@@ -1310,9 +1624,9 @@ module Aws::Transfer
1310
1624
  # A unique identifier that is required to identify specific groups
1311
1625
  # within your directory. The users of the group that you associate have
1312
1626
  # access to your Amazon S3 or Amazon EFS resources over the enabled
1313
- # protocols using Amazon Web Services Transfer Family. If you know the
1314
- # group name, you can view the SID values by running the following
1315
- # command using Windows PowerShell.
1627
+ # protocols using Transfer Family. If you know the group name, you can
1628
+ # view the SID values by running the following command using Windows
1629
+ # PowerShell.
1316
1630
  #
1317
1631
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
1318
1632
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -1320,10 +1634,10 @@ module Aws::Transfer
1320
1634
  # In that command, replace *YourGroupName* with the name of your Active
1321
1635
  # Directory group.
1322
1636
  #
1323
- # The regex used to validate this parameter is a string of characters
1324
- # consisting of uppercase and lowercase alphanumeric characters with no
1325
- # spaces. You can also include underscores or any of the following
1326
- # characters: =,.@:/-
1637
+ # The regular expression used to validate this parameter is a string of
1638
+ # characters consisting of uppercase and lowercase alphanumeric
1639
+ # characters with no spaces. You can also include underscores or any of
1640
+ # the following characters: =,.@:/-
1327
1641
  #
1328
1642
  # @return [Types::DescribeAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1329
1643
  #
@@ -1362,6 +1676,137 @@ module Aws::Transfer
1362
1676
  req.send_request(options)
1363
1677
  end
1364
1678
 
1679
+ # Describes the agreement that's identified by the `AgreementId`.
1680
+ #
1681
+ # @option params [required, String] :agreement_id
1682
+ # A unique identifier for the agreement. This identifier is returned
1683
+ # when you create an agreement.
1684
+ #
1685
+ # @option params [required, String] :server_id
1686
+ # The server ID that's associated with the agreement.
1687
+ #
1688
+ # @return [Types::DescribeAgreementResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1689
+ #
1690
+ # * {Types::DescribeAgreementResponse#agreement #agreement} => Types::DescribedAgreement
1691
+ #
1692
+ # @example Request syntax with placeholder values
1693
+ #
1694
+ # resp = client.describe_agreement({
1695
+ # agreement_id: "AgreementId", # required
1696
+ # server_id: "ServerId", # required
1697
+ # })
1698
+ #
1699
+ # @example Response structure
1700
+ #
1701
+ # resp.agreement.arn #=> String
1702
+ # resp.agreement.agreement_id #=> String
1703
+ # resp.agreement.description #=> String
1704
+ # resp.agreement.status #=> String, one of "ACTIVE", "INACTIVE"
1705
+ # resp.agreement.server_id #=> String
1706
+ # resp.agreement.local_profile_id #=> String
1707
+ # resp.agreement.partner_profile_id #=> String
1708
+ # resp.agreement.base_directory #=> String
1709
+ # resp.agreement.access_role #=> String
1710
+ # resp.agreement.tags #=> Array
1711
+ # resp.agreement.tags[0].key #=> String
1712
+ # resp.agreement.tags[0].value #=> String
1713
+ #
1714
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeAgreement AWS API Documentation
1715
+ #
1716
+ # @overload describe_agreement(params = {})
1717
+ # @param [Hash] params ({})
1718
+ def describe_agreement(params = {}, options = {})
1719
+ req = build_request(:describe_agreement, params)
1720
+ req.send_request(options)
1721
+ end
1722
+
1723
+ # Describes the certificate that's identified by the `CertificateId`.
1724
+ #
1725
+ # @option params [required, String] :certificate_id
1726
+ # An array of identifiers for the imported certificates. You use this
1727
+ # identifier for working with profiles and partner profiles.
1728
+ #
1729
+ # @return [Types::DescribeCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1730
+ #
1731
+ # * {Types::DescribeCertificateResponse#certificate #certificate} => Types::DescribedCertificate
1732
+ #
1733
+ # @example Request syntax with placeholder values
1734
+ #
1735
+ # resp = client.describe_certificate({
1736
+ # certificate_id: "CertificateId", # required
1737
+ # })
1738
+ #
1739
+ # @example Response structure
1740
+ #
1741
+ # resp.certificate.arn #=> String
1742
+ # resp.certificate.certificate_id #=> String
1743
+ # resp.certificate.usage #=> String, one of "SIGNING", "ENCRYPTION"
1744
+ # resp.certificate.status #=> String, one of "ACTIVE", "PENDING_ROTATION", "INACTIVE"
1745
+ # resp.certificate.certificate #=> String
1746
+ # resp.certificate.certificate_chain #=> String
1747
+ # resp.certificate.active_date #=> Time
1748
+ # resp.certificate.inactive_date #=> Time
1749
+ # resp.certificate.serial #=> String
1750
+ # resp.certificate.not_before_date #=> Time
1751
+ # resp.certificate.not_after_date #=> Time
1752
+ # resp.certificate.type #=> String, one of "CERTIFICATE", "CERTIFICATE_WITH_PRIVATE_KEY"
1753
+ # resp.certificate.description #=> String
1754
+ # resp.certificate.tags #=> Array
1755
+ # resp.certificate.tags[0].key #=> String
1756
+ # resp.certificate.tags[0].value #=> String
1757
+ #
1758
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeCertificate AWS API Documentation
1759
+ #
1760
+ # @overload describe_certificate(params = {})
1761
+ # @param [Hash] params ({})
1762
+ def describe_certificate(params = {}, options = {})
1763
+ req = build_request(:describe_certificate, params)
1764
+ req.send_request(options)
1765
+ end
1766
+
1767
+ # Describes the connector that's identified by the `ConnectorId.`
1768
+ #
1769
+ # @option params [required, String] :connector_id
1770
+ # The unique identifier for the connector.
1771
+ #
1772
+ # @return [Types::DescribeConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1773
+ #
1774
+ # * {Types::DescribeConnectorResponse#connector #connector} => Types::DescribedConnector
1775
+ #
1776
+ # @example Request syntax with placeholder values
1777
+ #
1778
+ # resp = client.describe_connector({
1779
+ # connector_id: "ConnectorId", # required
1780
+ # })
1781
+ #
1782
+ # @example Response structure
1783
+ #
1784
+ # resp.connector.arn #=> String
1785
+ # resp.connector.connector_id #=> String
1786
+ # resp.connector.url #=> String
1787
+ # resp.connector.as_2_config.local_profile_id #=> String
1788
+ # resp.connector.as_2_config.partner_profile_id #=> String
1789
+ # resp.connector.as_2_config.message_subject #=> String
1790
+ # resp.connector.as_2_config.compression #=> String, one of "ZLIB", "DISABLED"
1791
+ # resp.connector.as_2_config.encryption_algorithm #=> String, one of "AES128_CBC", "AES192_CBC", "AES256_CBC"
1792
+ # resp.connector.as_2_config.signing_algorithm #=> String, one of "SHA256", "SHA384", "SHA512", "SHA1", "NONE"
1793
+ # resp.connector.as_2_config.mdn_signing_algorithm #=> String, one of "SHA256", "SHA384", "SHA512", "SHA1", "NONE", "DEFAULT"
1794
+ # resp.connector.as_2_config.mdn_response #=> String, one of "SYNC", "NONE"
1795
+ # resp.connector.access_role #=> String
1796
+ # resp.connector.logging_role #=> String
1797
+ # resp.connector.tags #=> Array
1798
+ # resp.connector.tags[0].key #=> String
1799
+ # resp.connector.tags[0].value #=> String
1800
+ #
1801
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeConnector AWS API Documentation
1802
+ #
1803
+ # @overload describe_connector(params = {})
1804
+ # @param [Hash] params ({})
1805
+ def describe_connector(params = {}, options = {})
1806
+ req = build_request(:describe_connector, params)
1807
+ req.send_request(options)
1808
+ end
1809
+
1365
1810
  # You can use `DescribeExecution` to check the details of the execution
1366
1811
  # of the specified workflow.
1367
1812
  #
@@ -1424,6 +1869,43 @@ module Aws::Transfer
1424
1869
  req.send_request(options)
1425
1870
  end
1426
1871
 
1872
+ # Returns the details of the profile that's specified by the
1873
+ # `ProfileId`.
1874
+ #
1875
+ # @option params [required, String] :profile_id
1876
+ # The identifier of the profile that you want described.
1877
+ #
1878
+ # @return [Types::DescribeProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1879
+ #
1880
+ # * {Types::DescribeProfileResponse#profile #profile} => Types::DescribedProfile
1881
+ #
1882
+ # @example Request syntax with placeholder values
1883
+ #
1884
+ # resp = client.describe_profile({
1885
+ # profile_id: "ProfileId", # required
1886
+ # })
1887
+ #
1888
+ # @example Response structure
1889
+ #
1890
+ # resp.profile.arn #=> String
1891
+ # resp.profile.profile_id #=> String
1892
+ # resp.profile.profile_type #=> String, one of "LOCAL", "PARTNER"
1893
+ # resp.profile.as_2_id #=> String
1894
+ # resp.profile.certificate_ids #=> Array
1895
+ # resp.profile.certificate_ids[0] #=> String
1896
+ # resp.profile.tags #=> Array
1897
+ # resp.profile.tags[0].key #=> String
1898
+ # resp.profile.tags[0].value #=> String
1899
+ #
1900
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeProfile AWS API Documentation
1901
+ #
1902
+ # @overload describe_profile(params = {})
1903
+ # @param [Hash] params ({})
1904
+ def describe_profile(params = {}, options = {})
1905
+ req = build_request(:describe_profile, params)
1906
+ req.send_request(options)
1907
+ end
1908
+
1427
1909
  # Describes the security policy that is attached to your file transfer
1428
1910
  # protocol-enabled server. The response contains a description of the
1429
1911
  # security policy's properties. For more information about security
@@ -1496,6 +1978,8 @@ module Aws::Transfer
1496
1978
  # resp.server.protocol_details.passive_ip #=> String
1497
1979
  # resp.server.protocol_details.tls_session_resumption_mode #=> String, one of "DISABLED", "ENABLED", "ENFORCED"
1498
1980
  # resp.server.protocol_details.set_stat_option #=> String, one of "DEFAULT", "ENABLE_NO_OP"
1981
+ # resp.server.protocol_details.as_2_transports #=> Array
1982
+ # resp.server.protocol_details.as_2_transports[0] #=> String, one of "HTTP"
1499
1983
  # resp.server.domain #=> String, one of "S3", "EFS"
1500
1984
  # resp.server.endpoint_details.address_allocation_ids #=> Array
1501
1985
  # resp.server.endpoint_details.address_allocation_ids[0] #=> String
@@ -1516,7 +2000,7 @@ module Aws::Transfer
1516
2000
  # resp.server.post_authentication_login_banner #=> String
1517
2001
  # resp.server.pre_authentication_login_banner #=> String
1518
2002
  # resp.server.protocols #=> Array
1519
- # resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS"
2003
+ # resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS", "AS2"
1520
2004
  # resp.server.security_policy_name #=> String
1521
2005
  # resp.server.server_id #=> String
1522
2006
  # resp.server.state #=> String, one of "OFFLINE", "ONLINE", "STARTING", "STOPPING", "START_FAILED", "STOP_FAILED"
@@ -1555,8 +2039,8 @@ module Aws::Transfer
1555
2039
  #
1556
2040
  # @option params [required, String] :user_name
1557
2041
  # The name of the user assigned to one or more servers. User names are
1558
- # part of the sign-in credentials to use the Amazon Web Services
1559
- # Transfer Family service and perform file transfer tasks.
2042
+ # part of the sign-in credentials to use the Transfer Family service and
2043
+ # perform file transfer tasks.
1560
2044
  #
1561
2045
  # @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1562
2046
  #
@@ -1676,6 +2160,70 @@ module Aws::Transfer
1676
2160
  req.send_request(options)
1677
2161
  end
1678
2162
 
2163
+ # Imports the signing and encryption certificates that you need to
2164
+ # create local (AS2) profiles and partner profiles.
2165
+ #
2166
+ # @option params [required, String] :usage
2167
+ # Specifies whether this certificate is used for signing or encryption.
2168
+ #
2169
+ # @option params [required, String] :certificate
2170
+ # The file that contains the certificate to import.
2171
+ #
2172
+ # @option params [String] :certificate_chain
2173
+ # An optional list of certificates that make up the chain for the
2174
+ # certificate that's being imported.
2175
+ #
2176
+ # @option params [String] :private_key
2177
+ # The file that contains the private key for the certificate that's
2178
+ # being imported.
2179
+ #
2180
+ # @option params [Time,DateTime,Date,Integer,String] :active_date
2181
+ # An optional date that specifies when the certificate becomes active.
2182
+ #
2183
+ # @option params [Time,DateTime,Date,Integer,String] :inactive_date
2184
+ # An optional date that specifies when the certificate becomes inactive.
2185
+ #
2186
+ # @option params [String] :description
2187
+ # A short description that helps identify the certificate.
2188
+ #
2189
+ # @option params [Array<Types::Tag>] :tags
2190
+ # Key-value pairs that can be used to group and search for certificates.
2191
+ #
2192
+ # @return [Types::ImportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2193
+ #
2194
+ # * {Types::ImportCertificateResponse#certificate_id #certificate_id} => String
2195
+ #
2196
+ # @example Request syntax with placeholder values
2197
+ #
2198
+ # resp = client.import_certificate({
2199
+ # usage: "SIGNING", # required, accepts SIGNING, ENCRYPTION
2200
+ # certificate: "CertificateBodyType", # required
2201
+ # certificate_chain: "CertificateChainType",
2202
+ # private_key: "PrivateKeyType",
2203
+ # active_date: Time.now,
2204
+ # inactive_date: Time.now,
2205
+ # description: "Description",
2206
+ # tags: [
2207
+ # {
2208
+ # key: "TagKey", # required
2209
+ # value: "TagValue", # required
2210
+ # },
2211
+ # ],
2212
+ # })
2213
+ #
2214
+ # @example Response structure
2215
+ #
2216
+ # resp.certificate_id #=> String
2217
+ #
2218
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ImportCertificate AWS API Documentation
2219
+ #
2220
+ # @overload import_certificate(params = {})
2221
+ # @param [Hash] params ({})
2222
+ def import_certificate(params = {}, options = {})
2223
+ req = build_request(:import_certificate, params)
2224
+ req.send_request(options)
2225
+ end
2226
+
1679
2227
  # Adds a Secure Shell (SSH) public key to a user account identified by a
1680
2228
  # `UserName` value assigned to the specific file transfer
1681
2229
  # protocol-enabled server, identified by `ServerId`.
@@ -1773,10 +2321,159 @@ module Aws::Transfer
1773
2321
  req.send_request(options)
1774
2322
  end
1775
2323
 
2324
+ # Returns a list of the agreements for the server that's identified by
2325
+ # the `ServerId` that you supply. If you want to limit the results to a
2326
+ # certain number, supply a value for the `MaxResults` parameter. If you
2327
+ # ran the command previously and received a value for `NextToken`, you
2328
+ # can supply that value to continue listing agreements from where you
2329
+ # left off.
2330
+ #
2331
+ # @option params [Integer] :max_results
2332
+ # The maximum number of agreements to return.
2333
+ #
2334
+ # @option params [String] :next_token
2335
+ # When you can get additional results from the `ListAgreements` call, a
2336
+ # `NextToken` parameter is returned in the output. You can then pass in
2337
+ # a subsequent command to the `NextToken` parameter to continue listing
2338
+ # additional agreements.
2339
+ #
2340
+ # @option params [required, String] :server_id
2341
+ # The identifier of the server for which you want a list of agreements.
2342
+ #
2343
+ # @return [Types::ListAgreementsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2344
+ #
2345
+ # * {Types::ListAgreementsResponse#next_token #next_token} => String
2346
+ # * {Types::ListAgreementsResponse#agreements #agreements} => Array&lt;Types::ListedAgreement&gt;
2347
+ #
2348
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2349
+ #
2350
+ # @example Request syntax with placeholder values
2351
+ #
2352
+ # resp = client.list_agreements({
2353
+ # max_results: 1,
2354
+ # next_token: "NextToken",
2355
+ # server_id: "ServerId", # required
2356
+ # })
2357
+ #
2358
+ # @example Response structure
2359
+ #
2360
+ # resp.next_token #=> String
2361
+ # resp.agreements #=> Array
2362
+ # resp.agreements[0].arn #=> String
2363
+ # resp.agreements[0].agreement_id #=> String
2364
+ # resp.agreements[0].description #=> String
2365
+ # resp.agreements[0].status #=> String, one of "ACTIVE", "INACTIVE"
2366
+ # resp.agreements[0].server_id #=> String
2367
+ # resp.agreements[0].local_profile_id #=> String
2368
+ # resp.agreements[0].partner_profile_id #=> String
2369
+ #
2370
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListAgreements AWS API Documentation
2371
+ #
2372
+ # @overload list_agreements(params = {})
2373
+ # @param [Hash] params ({})
2374
+ def list_agreements(params = {}, options = {})
2375
+ req = build_request(:list_agreements, params)
2376
+ req.send_request(options)
2377
+ end
2378
+
2379
+ # Returns a list of the current certificates that have been imported
2380
+ # into Transfer Family. If you want to limit the results to a certain
2381
+ # number, supply a value for the `MaxResults` parameter. If you ran the
2382
+ # command previously and received a value for the `NextToken` parameter,
2383
+ # you can supply that value to continue listing certificates from where
2384
+ # you left off.
2385
+ #
2386
+ # @option params [Integer] :max_results
2387
+ # The maximum number of certificates to return.
2388
+ #
2389
+ # @option params [String] :next_token
2390
+ # When you can get additional results from the `ListCertificates` call,
2391
+ # a `NextToken` parameter is returned in the output. You can then pass
2392
+ # in a subsequent command to the `NextToken` parameter to continue
2393
+ # listing additional certificates.
2394
+ #
2395
+ # @return [Types::ListCertificatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2396
+ #
2397
+ # * {Types::ListCertificatesResponse#next_token #next_token} => String
2398
+ # * {Types::ListCertificatesResponse#certificates #certificates} => Array&lt;Types::ListedCertificate&gt;
2399
+ #
2400
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2401
+ #
2402
+ # @example Request syntax with placeholder values
2403
+ #
2404
+ # resp = client.list_certificates({
2405
+ # max_results: 1,
2406
+ # next_token: "NextToken",
2407
+ # })
2408
+ #
2409
+ # @example Response structure
2410
+ #
2411
+ # resp.next_token #=> String
2412
+ # resp.certificates #=> Array
2413
+ # resp.certificates[0].arn #=> String
2414
+ # resp.certificates[0].certificate_id #=> String
2415
+ # resp.certificates[0].usage #=> String, one of "SIGNING", "ENCRYPTION"
2416
+ # resp.certificates[0].status #=> String, one of "ACTIVE", "PENDING_ROTATION", "INACTIVE"
2417
+ # resp.certificates[0].active_date #=> Time
2418
+ # resp.certificates[0].inactive_date #=> Time
2419
+ # resp.certificates[0].type #=> String, one of "CERTIFICATE", "CERTIFICATE_WITH_PRIVATE_KEY"
2420
+ # resp.certificates[0].description #=> String
2421
+ #
2422
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListCertificates AWS API Documentation
2423
+ #
2424
+ # @overload list_certificates(params = {})
2425
+ # @param [Hash] params ({})
2426
+ def list_certificates(params = {}, options = {})
2427
+ req = build_request(:list_certificates, params)
2428
+ req.send_request(options)
2429
+ end
2430
+
2431
+ # Lists the connectors for the specified Region.
2432
+ #
2433
+ # @option params [Integer] :max_results
2434
+ # The maximum number of connectors to return.
2435
+ #
2436
+ # @option params [String] :next_token
2437
+ # When you can get additional results from the `ListConnectors` call, a
2438
+ # `NextToken` parameter is returned in the output. You can then pass in
2439
+ # a subsequent command to the `NextToken` parameter to continue listing
2440
+ # additional connectors.
2441
+ #
2442
+ # @return [Types::ListConnectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2443
+ #
2444
+ # * {Types::ListConnectorsResponse#next_token #next_token} => String
2445
+ # * {Types::ListConnectorsResponse#connectors #connectors} => Array&lt;Types::ListedConnector&gt;
2446
+ #
2447
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2448
+ #
2449
+ # @example Request syntax with placeholder values
2450
+ #
2451
+ # resp = client.list_connectors({
2452
+ # max_results: 1,
2453
+ # next_token: "NextToken",
2454
+ # })
2455
+ #
2456
+ # @example Response structure
2457
+ #
2458
+ # resp.next_token #=> String
2459
+ # resp.connectors #=> Array
2460
+ # resp.connectors[0].arn #=> String
2461
+ # resp.connectors[0].connector_id #=> String
2462
+ # resp.connectors[0].url #=> String
2463
+ #
2464
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListConnectors AWS API Documentation
2465
+ #
2466
+ # @overload list_connectors(params = {})
2467
+ # @param [Hash] params ({})
2468
+ def list_connectors(params = {}, options = {})
2469
+ req = build_request(:list_connectors, params)
2470
+ req.send_request(options)
2471
+ end
2472
+
1776
2473
  # Lists all executions for the specified workflow.
1777
2474
  #
1778
2475
  # @option params [Integer] :max_results
1779
- # Specifies the aximum number of executions to return.
2476
+ # Specifies the maximum number of executions to return.
1780
2477
  #
1781
2478
  # @option params [String] :next_token
1782
2479
  # `ListExecutions` returns the `NextToken` parameter in the output. You
@@ -1785,13 +2482,13 @@ module Aws::Transfer
1785
2482
  #
1786
2483
  # This is useful for pagination, for instance. If you have 100
1787
2484
  # executions for a workflow, you might only want to list first 10. If
1788
- # so, callthe API by specifing the `max-results`\:
2485
+ # so, call the API by specifying the `max-results`\:
1789
2486
  #
1790
2487
  # `aws transfer list-executions --max-results 10`
1791
2488
  #
1792
2489
  # This returns details for the first 10 executions, as well as the
1793
2490
  # pointer (`NextToken`) to the eleventh execution. You can now call the
1794
- # API again, suppling the `NextToken` value you received:
2491
+ # API again, supplying the `NextToken` value you received:
1795
2492
  #
1796
2493
  # `aws transfer list-executions --max-results 10 --next-token
1797
2494
  # $somePointerReturnedFromPreviousListResult`
@@ -1845,6 +2542,58 @@ module Aws::Transfer
1845
2542
  req.send_request(options)
1846
2543
  end
1847
2544
 
2545
+ # Returns a list of the profiles for your system. If you want to limit
2546
+ # the results to a certain number, supply a value for the `MaxResults`
2547
+ # parameter. If you ran the command previously and received a value for
2548
+ # `NextToken`, you can supply that value to continue listing profiles
2549
+ # from where you left off.
2550
+ #
2551
+ # @option params [Integer] :max_results
2552
+ # The maximum number of profiles to return.
2553
+ #
2554
+ # @option params [String] :next_token
2555
+ # When there are additional results that were not returned, a
2556
+ # `NextToken` parameter is returned. You can use that value for a
2557
+ # subsequent call to `ListProfiles` to continue listing results.
2558
+ #
2559
+ # @option params [String] :profile_type
2560
+ # Indicates whether to list only `LOCAL` type profiles or only `PARTNER`
2561
+ # type profiles. If not supplied in the request, the command lists all
2562
+ # types of profiles.
2563
+ #
2564
+ # @return [Types::ListProfilesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2565
+ #
2566
+ # * {Types::ListProfilesResponse#next_token #next_token} => String
2567
+ # * {Types::ListProfilesResponse#profiles #profiles} => Array&lt;Types::ListedProfile&gt;
2568
+ #
2569
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2570
+ #
2571
+ # @example Request syntax with placeholder values
2572
+ #
2573
+ # resp = client.list_profiles({
2574
+ # max_results: 1,
2575
+ # next_token: "NextToken",
2576
+ # profile_type: "LOCAL", # accepts LOCAL, PARTNER
2577
+ # })
2578
+ #
2579
+ # @example Response structure
2580
+ #
2581
+ # resp.next_token #=> String
2582
+ # resp.profiles #=> Array
2583
+ # resp.profiles[0].arn #=> String
2584
+ # resp.profiles[0].profile_id #=> String
2585
+ # resp.profiles[0].as_2_id #=> String
2586
+ # resp.profiles[0].profile_type #=> String, one of "LOCAL", "PARTNER"
2587
+ #
2588
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListProfiles AWS API Documentation
2589
+ #
2590
+ # @overload list_profiles(params = {})
2591
+ # @param [Hash] params ({})
2592
+ def list_profiles(params = {}, options = {})
2593
+ req = build_request(:list_profiles, params)
2594
+ req.send_request(options)
2595
+ end
2596
+
1848
2597
  # Lists the security policies that are attached to your file transfer
1849
2598
  # protocol-enabled servers.
1850
2599
  #
@@ -2121,6 +2870,41 @@ module Aws::Transfer
2121
2870
  req.send_request(options)
2122
2871
  end
2123
2872
 
2873
+ # Begins an outbound file transfer. You specify the `ConnectorId` and
2874
+ # the file paths for where to send the files.
2875
+ #
2876
+ # @option params [required, String] :connector_id
2877
+ # The unique identifier for the connector.
2878
+ #
2879
+ # @option params [required, Array<String>] :send_file_paths
2880
+ # An array of strings. Each string represents the absolute path for one
2881
+ # outbound file transfer. For example, ` DOC-EXAMPLE-BUCKET/myfile.txt
2882
+ # `.
2883
+ #
2884
+ # @return [Types::StartFileTransferResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2885
+ #
2886
+ # * {Types::StartFileTransferResponse#transfer_id #transfer_id} => String
2887
+ #
2888
+ # @example Request syntax with placeholder values
2889
+ #
2890
+ # resp = client.start_file_transfer({
2891
+ # connector_id: "ConnectorId", # required
2892
+ # send_file_paths: ["FilePath"], # required
2893
+ # })
2894
+ #
2895
+ # @example Response structure
2896
+ #
2897
+ # resp.transfer_id #=> String
2898
+ #
2899
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StartFileTransfer AWS API Documentation
2900
+ #
2901
+ # @overload start_file_transfer(params = {})
2902
+ # @param [Hash] params ({})
2903
+ def start_file_transfer(params = {}, options = {})
2904
+ req = build_request(:start_file_transfer, params)
2905
+ req.send_request(options)
2906
+ end
2907
+
2124
2908
  # Changes the state of a file transfer protocol-enabled server from
2125
2909
  # `OFFLINE` to `ONLINE`. It has no impact on a server that is already
2126
2910
  # `ONLINE`. An `ONLINE` server can accept and process file transfer
@@ -2157,7 +2941,7 @@ module Aws::Transfer
2157
2941
  # file transfer jobs. Information tied to your server, such as server
2158
2942
  # and user properties, are not affected by stopping your server.
2159
2943
  #
2160
- # <note markdown="1"> Stopping the server will not reduce or impact your file transfer
2944
+ # <note markdown="1"> Stopping the server does not reduce or impact your file transfer
2161
2945
  # protocol endpoint billing; you must delete the server to stop being
2162
2946
  # billed.
2163
2947
  #
@@ -2295,7 +3079,7 @@ module Aws::Transfer
2295
3079
  #
2296
3080
  # resp = client.test_identity_provider({
2297
3081
  # server_id: "ServerId", # required
2298
- # server_protocol: "SFTP", # accepts SFTP, FTP, FTPS
3082
+ # server_protocol: "SFTP", # accepts SFTP, FTP, FTPS, AS2
2299
3083
  # source_ip: "SourceIp",
2300
3084
  # user_name: "UserName", # required
2301
3085
  # user_password: "UserPassword",
@@ -2361,12 +3145,13 @@ module Aws::Transfer
2361
3145
  # A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
2362
3146
  #
2363
3147
  # @option params [String] :home_directory_type
2364
- # The type of landing directory (folder) you want your users' home
2365
- # directory to be when they log into the server. If you set it to
3148
+ # The type of landing directory (folder) that you want your users' home
3149
+ # directory to be when they log in to the server. If you set it to
2366
3150
  # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
2367
3151
  # as is in their file transfer protocol clients. If you set it
2368
3152
  # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings`
2369
- # for how you want to make Amazon S3 or EFS paths visible to your users.
3153
+ # for how you want to make Amazon S3 or Amazon EFS paths visible to your
3154
+ # users.
2370
3155
  #
2371
3156
  # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
2372
3157
  # Logical directory mappings that specify what Amazon S3 or Amazon EFS
@@ -2374,10 +3159,9 @@ module Aws::Transfer
2374
3159
  # them visible. You must specify the `Entry` and `Target` pair, where
2375
3160
  # `Entry` shows how the path is made visible and `Target` is the actual
2376
3161
  # Amazon S3 or Amazon EFS path. If you only specify a target, it is
2377
- # displayed as is. You also must ensure that your Amazon Web Services
2378
- # Identity and Access Management (IAM) role provides access to paths in
2379
- # `Target`. This value can only be set when `HomeDirectoryType` is set
2380
- # to *LOGICAL*.
3162
+ # displayed as is. You also must ensure that your Identity and Access
3163
+ # Management (IAM) role provides access to paths in `Target`. This value
3164
+ # can be set only when `HomeDirectoryType` is set to *LOGICAL*.
2381
3165
  #
2382
3166
  # The following is an `Entry` and `Target` pair example.
2383
3167
  #
@@ -2394,19 +3178,19 @@ module Aws::Transfer
2394
3178
  # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
2395
3179
  #
2396
3180
  # @option params [String] :policy
2397
- # A session policy for your user so that you can use the same IAM role
2398
- # across multiple users. This policy scopes down user access to portions
2399
- # of their Amazon S3 bucket. Variables that you can use inside this
2400
- # policy include `$\{Transfer:UserName\}`,
2401
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
3181
+ # A session policy for your user so that you can use the same Identity
3182
+ # and Access Management (IAM) role across multiple users. This policy
3183
+ # scopes down a user's access to portions of their Amazon S3 bucket.
3184
+ # Variables that you can use inside this policy include
3185
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
3186
+ # `$\{Transfer:HomeBucket\}`.
2402
3187
  #
2403
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
2404
- # use session policies.
3188
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
3189
+ # Amazon EFS does not use session policies.
2405
3190
  #
2406
- # For session policies, Amazon Web Services Transfer Family stores the
2407
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
2408
- # the policy. You save the policy as a JSON blob and pass it in the
2409
- # `Policy` argument.
3191
+ # For session policies, Transfer Family stores the policy as a JSON
3192
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
3193
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
2410
3194
  #
2411
3195
  # For an example of a session policy, see [Example session policy][1].
2412
3196
  #
@@ -2429,13 +3213,14 @@ module Aws::Transfer
2429
3213
  # out of your Amazon EFS file systems.
2430
3214
  #
2431
3215
  # @option params [String] :role
2432
- # Specifies the Amazon Resource Name (ARN) of the IAM role that controls
2433
- # your users' access to your Amazon S3 bucket or EFS file system. The
2434
- # policies attached to this role determine the level of access that you
2435
- # want to provide your users when transferring files into and out of
2436
- # your Amazon S3 bucket or EFS file system. The IAM role should also
2437
- # contain a trust relationship that allows the server to access your
2438
- # resources when servicing your users' transfer requests.
3216
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
3217
+ # (IAM) role that controls your users' access to your Amazon S3 bucket
3218
+ # or Amazon EFS file system. The policies attached to this role
3219
+ # determine the level of access that you want to provide your users when
3220
+ # transferring files into and out of your Amazon S3 bucket or Amazon EFS
3221
+ # file system. The IAM role should also contain a trust relationship
3222
+ # that allows the server to access your resources when servicing your
3223
+ # users' transfer requests.
2439
3224
  #
2440
3225
  # @option params [required, String] :server_id
2441
3226
  # A system-assigned unique identifier for a server instance. This is the
@@ -2445,9 +3230,9 @@ module Aws::Transfer
2445
3230
  # A unique identifier that is required to identify specific groups
2446
3231
  # within your directory. The users of the group that you associate have
2447
3232
  # access to your Amazon S3 or Amazon EFS resources over the enabled
2448
- # protocols using Amazon Web Services Transfer Family. If you know the
2449
- # group name, you can view the SID values by running the following
2450
- # command using Windows PowerShell.
3233
+ # protocols using Transfer Family. If you know the group name, you can
3234
+ # view the SID values by running the following command using Windows
3235
+ # PowerShell.
2451
3236
  #
2452
3237
  # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\}
2453
3238
  # -Properties * | Select SamAccountName,ObjectSid`
@@ -2455,10 +3240,10 @@ module Aws::Transfer
2455
3240
  # In that command, replace *YourGroupName* with the name of your Active
2456
3241
  # Directory group.
2457
3242
  #
2458
- # The regex used to validate this parameter is a string of characters
2459
- # consisting of uppercase and lowercase alphanumeric characters with no
2460
- # spaces. You can also include underscores or any of the following
2461
- # characters: =,.@:/-
3243
+ # The regular expression used to validate this parameter is a string of
3244
+ # characters consisting of uppercase and lowercase alphanumeric
3245
+ # characters with no spaces. You can also include underscores or any of
3246
+ # the following characters: =,.@:/-
2462
3247
  #
2463
3248
  # @return [Types::UpdateAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2464
3249
  #
@@ -2501,6 +3286,216 @@ module Aws::Transfer
2501
3286
  req.send_request(options)
2502
3287
  end
2503
3288
 
3289
+ # Updates some of the parameters for an existing agreement. Provide the
3290
+ # `AgreementId` and the `ServerId` for the agreement that you want to
3291
+ # update, along with the new values for the parameters to update.
3292
+ #
3293
+ # @option params [required, String] :agreement_id
3294
+ # A unique identifier for the agreement. This identifier is returned
3295
+ # when you create an agreement.
3296
+ #
3297
+ # @option params [required, String] :server_id
3298
+ # A system-assigned unique identifier for a server instance. This is the
3299
+ # specific server that the agreement uses.
3300
+ #
3301
+ # @option params [String] :description
3302
+ # To replace the existing description, provide a short description for
3303
+ # the agreement.
3304
+ #
3305
+ # @option params [String] :status
3306
+ # You can update the status for the agreement, either activating an
3307
+ # inactive agreement or the reverse.
3308
+ #
3309
+ # @option params [String] :local_profile_id
3310
+ # To change the local profile identifier, provide a new value here.
3311
+ #
3312
+ # @option params [String] :partner_profile_id
3313
+ # To change the partner profile identifier, provide a new value here.
3314
+ #
3315
+ # @option params [String] :base_directory
3316
+ # To change the landing directory (folder) for files that are
3317
+ # transferred, provide the bucket folder that you want to use; for
3318
+ # example, `/DOC-EXAMPLE-BUCKET/home/mydirectory `.
3319
+ #
3320
+ # @option params [String] :access_role
3321
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
3322
+ # (IAM) role that grants access to at least the `HomeDirectory` of your
3323
+ # users' Amazon S3 buckets.
3324
+ #
3325
+ # @return [Types::UpdateAgreementResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3326
+ #
3327
+ # * {Types::UpdateAgreementResponse#agreement_id #agreement_id} => String
3328
+ #
3329
+ # @example Request syntax with placeholder values
3330
+ #
3331
+ # resp = client.update_agreement({
3332
+ # agreement_id: "AgreementId", # required
3333
+ # server_id: "ServerId", # required
3334
+ # description: "Description",
3335
+ # status: "ACTIVE", # accepts ACTIVE, INACTIVE
3336
+ # local_profile_id: "ProfileId",
3337
+ # partner_profile_id: "ProfileId",
3338
+ # base_directory: "HomeDirectory",
3339
+ # access_role: "Role",
3340
+ # })
3341
+ #
3342
+ # @example Response structure
3343
+ #
3344
+ # resp.agreement_id #=> String
3345
+ #
3346
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateAgreement AWS API Documentation
3347
+ #
3348
+ # @overload update_agreement(params = {})
3349
+ # @param [Hash] params ({})
3350
+ def update_agreement(params = {}, options = {})
3351
+ req = build_request(:update_agreement, params)
3352
+ req.send_request(options)
3353
+ end
3354
+
3355
+ # Updates the active and inactive dates for a certificate.
3356
+ #
3357
+ # @option params [required, String] :certificate_id
3358
+ # The identifier of the certificate object that you are updating.
3359
+ #
3360
+ # @option params [Time,DateTime,Date,Integer,String] :active_date
3361
+ # An optional date that specifies when the certificate becomes active.
3362
+ #
3363
+ # @option params [Time,DateTime,Date,Integer,String] :inactive_date
3364
+ # An optional date that specifies when the certificate becomes inactive.
3365
+ #
3366
+ # @option params [String] :description
3367
+ # A short description to help identify the certificate.
3368
+ #
3369
+ # @return [Types::UpdateCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3370
+ #
3371
+ # * {Types::UpdateCertificateResponse#certificate_id #certificate_id} => String
3372
+ #
3373
+ # @example Request syntax with placeholder values
3374
+ #
3375
+ # resp = client.update_certificate({
3376
+ # certificate_id: "CertificateId", # required
3377
+ # active_date: Time.now,
3378
+ # inactive_date: Time.now,
3379
+ # description: "Description",
3380
+ # })
3381
+ #
3382
+ # @example Response structure
3383
+ #
3384
+ # resp.certificate_id #=> String
3385
+ #
3386
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateCertificate AWS API Documentation
3387
+ #
3388
+ # @overload update_certificate(params = {})
3389
+ # @param [Hash] params ({})
3390
+ def update_certificate(params = {}, options = {})
3391
+ req = build_request(:update_certificate, params)
3392
+ req.send_request(options)
3393
+ end
3394
+
3395
+ # Updates some of the parameters for an existing connector. Provide the
3396
+ # `ConnectorId` for the connector that you want to update, along with
3397
+ # the new values for the parameters to update.
3398
+ #
3399
+ # @option params [required, String] :connector_id
3400
+ # The unique identifier for the connector.
3401
+ #
3402
+ # @option params [String] :url
3403
+ # The URL of the partner's AS2 endpoint.
3404
+ #
3405
+ # @option params [Types::As2ConnectorConfig] :as_2_config
3406
+ # A structure that contains the parameters for a connector object.
3407
+ #
3408
+ # @option params [String] :access_role
3409
+ # With AS2, you can send files by calling `StartFileTransfer` and
3410
+ # specifying the file paths in the request parameter, `SendFilePaths`.
3411
+ # We use the file’s parent directory (for example, for
3412
+ # `--send-file-paths /bucket/dir/file.txt`, parent directory is
3413
+ # `/bucket/dir/`) to temporarily store a processed AS2 message file,
3414
+ # store the MDN when we receive them from the partner, and write a final
3415
+ # JSON file containing relevant metadata of the transmission. So, the
3416
+ # `AccessRole` needs to provide read and write access to the parent
3417
+ # directory of the file location used in the `StartFileTransfer`
3418
+ # request. Additionally, you need to provide read and write access to
3419
+ # the parent directory of the files that you intend to send with
3420
+ # `StartFileTransfer`.
3421
+ #
3422
+ # @option params [String] :logging_role
3423
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
3424
+ # (IAM) role that allows a connector to turn on CloudWatch logging for
3425
+ # Amazon S3 events. When set, you can view connector activity in your
3426
+ # CloudWatch logs.
3427
+ #
3428
+ # @return [Types::UpdateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3429
+ #
3430
+ # * {Types::UpdateConnectorResponse#connector_id #connector_id} => String
3431
+ #
3432
+ # @example Request syntax with placeholder values
3433
+ #
3434
+ # resp = client.update_connector({
3435
+ # connector_id: "ConnectorId", # required
3436
+ # url: "Url",
3437
+ # as_2_config: {
3438
+ # local_profile_id: "ProfileId",
3439
+ # partner_profile_id: "ProfileId",
3440
+ # message_subject: "MessageSubject",
3441
+ # compression: "ZLIB", # accepts ZLIB, DISABLED
3442
+ # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC
3443
+ # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
3444
+ # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
3445
+ # mdn_response: "SYNC", # accepts SYNC, NONE
3446
+ # },
3447
+ # access_role: "Role",
3448
+ # logging_role: "Role",
3449
+ # })
3450
+ #
3451
+ # @example Response structure
3452
+ #
3453
+ # resp.connector_id #=> String
3454
+ #
3455
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateConnector AWS API Documentation
3456
+ #
3457
+ # @overload update_connector(params = {})
3458
+ # @param [Hash] params ({})
3459
+ def update_connector(params = {}, options = {})
3460
+ req = build_request(:update_connector, params)
3461
+ req.send_request(options)
3462
+ end
3463
+
3464
+ # Updates some of the parameters for an existing profile. Provide the
3465
+ # `ProfileId` for the profile that you want to update, along with the
3466
+ # new values for the parameters to update.
3467
+ #
3468
+ # @option params [required, String] :profile_id
3469
+ # The identifier of the profile object that you are updating.
3470
+ #
3471
+ # @option params [Array<String>] :certificate_ids
3472
+ # An array of identifiers for the imported certificates. You use this
3473
+ # identifier for working with profiles and partner profiles.
3474
+ #
3475
+ # @return [Types::UpdateProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3476
+ #
3477
+ # * {Types::UpdateProfileResponse#profile_id #profile_id} => String
3478
+ #
3479
+ # @example Request syntax with placeholder values
3480
+ #
3481
+ # resp = client.update_profile({
3482
+ # profile_id: "ProfileId", # required
3483
+ # certificate_ids: ["CertificateId"],
3484
+ # })
3485
+ #
3486
+ # @example Response structure
3487
+ #
3488
+ # resp.profile_id #=> String
3489
+ #
3490
+ # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateProfile AWS API Documentation
3491
+ #
3492
+ # @overload update_profile(params = {})
3493
+ # @param [Hash] params ({})
3494
+ def update_profile(params = {}, options = {})
3495
+ req = build_request(:update_profile, params)
3496
+ req.send_request(options)
3497
+ end
3498
+
2504
3499
  # Updates the file transfer protocol-enabled server's properties after
2505
3500
  # that server has been created.
2506
3501
  #
@@ -2550,30 +3545,34 @@ module Aws::Transfer
2550
3545
  # @option params [Types::ProtocolDetails] :protocol_details
2551
3546
  # The protocol settings that are configured for your server.
2552
3547
  #
2553
- # * Use the `PassiveIp` parameter to indicate passive mode (for FTP and
2554
- # FTPS protocols). Enter a single dotted-quad IPv4 address, such as
2555
- # the external IP address of a firewall, router, or load balancer.
3548
+ # * To indicate passive mode (for FTP and FTPS protocols), use the
3549
+ # `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such
3550
+ # as the external IP address of a firewall, router, or load balancer.
3551
+ #
3552
+ # * To ignore the error that is generated when the client attempts to
3553
+ # use the `SETSTAT` command on a file that you are uploading to an
3554
+ # Amazon S3 bucket, use the `SetStatOption` parameter. To have the
3555
+ # Transfer Family server ignore the `SETSTAT` command and upload files
3556
+ # without needing to make any changes to your SFTP client, set the
3557
+ # value to `ENABLE_NO_OP`. If you set the `SetStatOption` parameter to
3558
+ # `ENABLE_NO_OP`, Transfer Family generates a log entry to Amazon
3559
+ # CloudWatch Logs, so that you can determine when the client is making
3560
+ # a `SETSTAT` call.
2556
3561
  #
2557
- # * Use the `SetStatOption` to ignore the error that is generated when
2558
- # the client attempts to use SETSTAT on a file you are uploading to an
2559
- # S3 bucket. Set the value to `ENABLE_NO_OP` to have the Transfer
2560
- # Family server ignore the SETSTAT command, and upload files without
2561
- # needing to make any changes to your SFTP client. Note that with
2562
- # `SetStatOption` set to `ENABLE_NO_OP`, Transfer generates a log
2563
- # entry to CloudWatch Logs, so you can determine when the client is
2564
- # making a SETSTAT call.
3562
+ # * To determine whether your Transfer Family server resumes recent,
3563
+ # negotiated sessions through a unique session ID, use the
3564
+ # `TlsSessionResumptionMode` parameter.
2565
3565
  #
2566
- # * Use the `TlsSessionResumptionMode` parameter to determine whether or
2567
- # not your Transfer server resumes recent, negotiated sessions through
2568
- # a unique session ID.
3566
+ # * `As2Transports` indicates the transport method for the AS2 messages.
3567
+ # Currently, only HTTP is supported.
2569
3568
  #
2570
3569
  # @option params [Types::EndpointDetails] :endpoint_details
2571
3570
  # The virtual private cloud (VPC) endpoint settings that are configured
2572
3571
  # for your server. When you host your endpoint within your VPC, you can
2573
- # make it accessible only to resources within your VPC, or you can
2574
- # attach Elastic IP addresses and make it accessible to clients over the
2575
- # internet. Your VPC's default security groups are automatically
2576
- # assigned to your endpoint.
3572
+ # make your endpoint accessible only to resources within your VPC, or
3573
+ # you can attach Elastic IP addresses and make your endpoint accessible
3574
+ # to clients over the internet. Your VPC's default security groups are
3575
+ # automatically assigned to your endpoint.
2577
3576
  #
2578
3577
  # @option params [String] :endpoint_type
2579
3578
  # The type of endpoint that you want your server to use. You can choose
@@ -2610,8 +3609,8 @@ module Aws::Transfer
2610
3609
  #
2611
3610
  # `ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key`.
2612
3611
  #
2613
- # Use a minimum value of 2048 for the `-b` option: you can create a
2614
- # stronger key using 3072 or 4096.
3612
+ # Use a minimum value of 2048 for the `-b` option. You can create a
3613
+ # stronger key by using 3072 or 4096.
2615
3614
  #
2616
3615
  # Use the following command to generate an ECDSA 256 bit key with no
2617
3616
  # passphrase:
@@ -2633,7 +3632,7 @@ module Aws::Transfer
2633
3632
  # Accidentally changing a server's host key can be disruptive.
2634
3633
  #
2635
3634
  # For more information, see [Change the host key for your SFTP-enabled
2636
- # server][1] in the *Amazon Web Services Transfer Family User Guide*.
3635
+ # server][1] in the *Transfer Family User Guide*.
2637
3636
  #
2638
3637
  #
2639
3638
  #
@@ -2644,13 +3643,13 @@ module Aws::Transfer
2644
3643
  # customer's authentication API method.
2645
3644
  #
2646
3645
  # @option params [String] :logging_role
2647
- # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services
2648
- # Identity and Access Management (IAM) role that allows a server to turn
2649
- # on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When
2650
- # set, user activity can be viewed in your CloudWatch logs.
3646
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
3647
+ # (IAM) role that allows a server to turn on Amazon CloudWatch logging
3648
+ # for Amazon S3 or Amazon EFSevents. When set, you can view user
3649
+ # activity in your CloudWatch logs.
2651
3650
  #
2652
3651
  # @option params [String] :post_authentication_login_banner
2653
- # Specify a string to display when users connect to a server. This
3652
+ # Specifies a string to display when users connect to a server. This
2654
3653
  # string is displayed after the user authenticates.
2655
3654
  #
2656
3655
  # <note markdown="1"> The SFTP protocol does not support post-authentication display
@@ -2659,9 +3658,9 @@ module Aws::Transfer
2659
3658
  # </note>
2660
3659
  #
2661
3660
  # @option params [String] :pre_authentication_login_banner
2662
- # Specify a string to display when users connect to a server. This
3661
+ # Specifies a string to display when users connect to a server. This
2663
3662
  # string is displayed before the user authenticates. For example, the
2664
- # following banner displays details about using the system.
3663
+ # following banner displays details about using the system:
2665
3664
  #
2666
3665
  # `This system is for the use of authorized users only. Individuals
2667
3666
  # using this computer system without authority, or in excess of their
@@ -2708,7 +3707,7 @@ module Aws::Transfer
2708
3707
  #
2709
3708
  # @option params [Types::WorkflowDetails] :workflow_details
2710
3709
  # Specifies the workflow ID for the workflow to assign and the execution
2711
- # role used for executing the workflow.
3710
+ # role that's used for executing the workflow.
2712
3711
  #
2713
3712
  # To remove an associated workflow from a server, you can provide an
2714
3713
  # empty `OnUpload` object, as in the following example.
@@ -2728,6 +3727,7 @@ module Aws::Transfer
2728
3727
  # passive_ip: "PassiveIp",
2729
3728
  # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
2730
3729
  # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP
3730
+ # as_2_transports: ["HTTP"], # accepts HTTP
2731
3731
  # },
2732
3732
  # endpoint_details: {
2733
3733
  # address_allocation_ids: ["AddressAllocationId"],
@@ -2747,7 +3747,7 @@ module Aws::Transfer
2747
3747
  # logging_role: "NullableRole",
2748
3748
  # post_authentication_login_banner: "PostAuthenticationLoginBanner",
2749
3749
  # pre_authentication_login_banner: "PreAuthenticationLoginBanner",
2750
- # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
3750
+ # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS, AS2
2751
3751
  # security_policy_name: "SecurityPolicyName",
2752
3752
  # server_id: "ServerId", # required
2753
3753
  # workflow_details: {
@@ -2787,12 +3787,13 @@ module Aws::Transfer
2787
3787
  # A `HomeDirectory` example is `/bucket_name/home/mydirectory`.
2788
3788
  #
2789
3789
  # @option params [String] :home_directory_type
2790
- # The type of landing directory (folder) you want your users' home
2791
- # directory to be when they log into the server. If you set it to
3790
+ # The type of landing directory (folder) that you want your users' home
3791
+ # directory to be when they log in to the server. If you set it to
2792
3792
  # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths
2793
3793
  # as is in their file transfer protocol clients. If you set it
2794
3794
  # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings`
2795
- # for how you want to make Amazon S3 or EFS paths visible to your users.
3795
+ # for how you want to make Amazon S3 or Amazon EFS paths visible to your
3796
+ # users.
2796
3797
  #
2797
3798
  # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings
2798
3799
  # Logical directory mappings that specify what Amazon S3 or Amazon EFS
@@ -2800,10 +3801,9 @@ module Aws::Transfer
2800
3801
  # them visible. You must specify the `Entry` and `Target` pair, where
2801
3802
  # `Entry` shows how the path is made visible and `Target` is the actual
2802
3803
  # Amazon S3 or Amazon EFS path. If you only specify a target, it is
2803
- # displayed as is. You also must ensure that your Amazon Web Services
2804
- # Identity and Access Management (IAM) role provides access to paths in
2805
- # `Target`. This value can only be set when `HomeDirectoryType` is set
2806
- # to *LOGICAL*.
3804
+ # displayed as is. You also must ensure that your Identity and Access
3805
+ # Management (IAM) role provides access to paths in `Target`. This value
3806
+ # can be set only when `HomeDirectoryType` is set to *LOGICAL*.
2807
3807
  #
2808
3808
  # The following is an `Entry` and `Target` pair example.
2809
3809
  #
@@ -2820,19 +3820,19 @@ module Aws::Transfer
2820
3820
  # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]`
2821
3821
  #
2822
3822
  # @option params [String] :policy
2823
- # A session policy for your user so that you can use the same IAM role
2824
- # across multiple users. This policy scopes down user access to portions
2825
- # of their Amazon S3 bucket. Variables that you can use inside this
2826
- # policy include `$\{Transfer:UserName\}`,
2827
- # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`.
3823
+ # A session policy for your user so that you can use the same Identity
3824
+ # and Access Management (IAM) role across multiple users. This policy
3825
+ # scopes down a user's access to portions of their Amazon S3 bucket.
3826
+ # Variables that you can use inside this policy include
3827
+ # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and
3828
+ # `$\{Transfer:HomeBucket\}`.
2828
3829
  #
2829
- # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not
2830
- # use session policies.
3830
+ # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3.
3831
+ # Amazon EFS does not use session policies.
2831
3832
  #
2832
- # For session policies, Amazon Web Services Transfer Family stores the
2833
- # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of
2834
- # the policy. You save the policy as a JSON blob and pass it in the
2835
- # `Policy` argument.
3833
+ # For session policies, Transfer Family stores the policy as a JSON
3834
+ # blob, instead of the Amazon Resource Name (ARN) of the policy. You
3835
+ # save the policy as a JSON blob and pass it in the `Policy` argument.
2836
3836
  #
2837
3837
  # For an example of a session policy, see [Creating a session
2838
3838
  # policy][1].
@@ -2856,13 +3856,14 @@ module Aws::Transfer
2856
3856
  # transferring files into and out of your Amazon EFS file systems.
2857
3857
  #
2858
3858
  # @option params [String] :role
2859
- # Specifies the Amazon Resource Name (ARN) of the IAM role that controls
2860
- # your users' access to your Amazon S3 bucket or EFS file system. The
2861
- # policies attached to this role determine the level of access that you
2862
- # want to provide your users when transferring files into and out of
2863
- # your Amazon S3 bucket or EFS file system. The IAM role should also
2864
- # contain a trust relationship that allows the server to access your
2865
- # resources when servicing your users' transfer requests.
3859
+ # The Amazon Resource Name (ARN) of the Identity and Access Management
3860
+ # (IAM) role that controls your users' access to your Amazon S3 bucket
3861
+ # or Amazon EFS file system. The policies attached to this role
3862
+ # determine the level of access that you want to provide your users when
3863
+ # transferring files into and out of your Amazon S3 bucket or Amazon EFS
3864
+ # file system. The IAM role should also contain a trust relationship
3865
+ # that allows the server to access your resources when servicing your
3866
+ # users' transfer requests.
2866
3867
  #
2867
3868
  # @option params [required, String] :server_id
2868
3869
  # A system-assigned unique identifier for a server instance that the
@@ -2930,7 +3931,7 @@ module Aws::Transfer
2930
3931
  params: params,
2931
3932
  config: config)
2932
3933
  context[:gem_name] = 'aws-sdk-transfer'
2933
- context[:gem_version] = '1.56.0'
3934
+ context[:gem_version] = '1.57.0'
2934
3935
  Seahorse::Client::Request.new(handlers, context)
2935
3936
  end
2936
3937