aws-sdk-transfer 1.88.0 → 1.90.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dd44a4b53e27bf567a03377b6a58f62f29ded41ff6d6bdf1f3a1a4805a2cf16c
-  data.tar.gz: 97729ca4b80de16e8f7a8e4654f6ad71f14d965d11d7767e0283ac1cf919ce46
+  metadata.gz: c1d4523b4e4aa78444b5fa34bd608bf355e4f6b2b1412a040b2a7b3b0981b4a9
+  data.tar.gz: 76d1290741d4f01a1e5e86350b135e6e50dbea64dd036761dec8de38c17bda6e
 SHA512:
-  metadata.gz: c9462b63e6130a34bf92b6f7471b279a2ae9b0086c02ebef0ed39c4a3582f4baab0785394a44f92a04c71ec851ab0c84fe8e7ba648132d1dc0d7fb0a2988abde
-  data.tar.gz: 926bfa3897a7c39f19bc01bc12994eb067b95919b505fd04b148c4e5a31ff36a79732d1baf9b973c765b9a9e53b81f5ae7f630a3cf6c4eab6e91d77067763e3d
+  metadata.gz: 2cf907178bcbd44b87a17f3d22155e7db85a493e3d357dcd2dea2c3ca8204538df64b045500db812becceeeadd11cac16b4ca6d8b871e53634ecd353bdf62eee
+  data.tar.gz: 0275a3d8696151a2df1f43489705d5ea718b9ce4c9db7b0aecc35c7674c0977186544c71971346a681ec27f6e5a87559a69bc6224bcfc383c853988c90a22f32

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.90.0 (2024-04-03)
+------------------
+
+* Feature - Add ability to specify Security Policies for SFTP Connectors
+
+1.89.0 (2024-03-08)
+------------------
+
+* Feature - Added DES_EDE3_CBC to the list of supported encryption algorithms for messages sent with an AS2 connector.
+
 1.88.0 (2024-01-26)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.88.0
+1.90.0

data/lib/aws-sdk-transfer/client.rb

@@ -678,7 +678,7 @@ module Aws::Transfer
     # sending files to an externally hosted AS2 server. For SFTP, the
     # connector is required when sending files to an SFTP server or
     # receiving files from an SFTP server. For more details about
-    # connectors, see [Create AS2 connectors][1] and [Create SFTP
+    # connectors, see [Configure AS2 connectors][1] and [Create SFTP
     # connectors][2].
     #
     # <note markdown="1"> You must specify exactly one configuration object: either for AS2
@@ -688,7 +688,7 @@ module Aws::Transfer
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/create-b2b-server.html#configure-as2-connector
+    # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/configure-as2-connector.html
     # [2]: https://docs.aws.amazon.com/transfer/latest/userguide/configure-sftp-connector.html
     #
     # @option params [required, String] :url
@@ -744,6 +744,9 @@ module Aws::Transfer
     # @option params [Types::SftpConnectorConfig] :sftp_config
     #   A structure that contains the parameters for an SFTP connector object.
     #
+    # @option params [String] :security_policy_name
+    #   Specifies the name of the security policy for the connector.
+    #
     # @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateConnectorResponse#connector_id #connector_id} => String
@@ -757,7 +760,7 @@ module Aws::Transfer
     #       partner_profile_id: "ProfileId",
     #       message_subject: "MessageSubject",
     #       compression: "ZLIB", # accepts ZLIB, DISABLED
-    #       encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC, NONE
+    #       encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC, DES_EDE3_CBC, NONE
     #       signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
     #       mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
     #       mdn_response: "SYNC", # accepts SYNC, NONE
@@ -775,6 +778,7 @@ module Aws::Transfer
     #       user_secret_id: "SecretId",
     #       trusted_host_keys: ["SftpConnectorTrustedHostKey"],
     #     },
+    #     security_policy_name: "ConnectorSecurityPolicyName",
     #   })
     #
     # @example Response structure
@@ -1096,8 +1100,7 @@ module Aws::Transfer
     #     Currently, only HTTP is supported.
     #
     # @option params [String] :security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specifies the name of the security policy for the server.
     #
     # @option params [Array<Types::Tag>] :tags
     #   Key-value pairs that can be used to group and search for servers.
@@ -2054,7 +2057,7 @@ module Aws::Transfer
     #   resp.connector.as_2_config.partner_profile_id #=> String
     #   resp.connector.as_2_config.message_subject #=> String
     #   resp.connector.as_2_config.compression #=> String, one of "ZLIB", "DISABLED"
-    #   resp.connector.as_2_config.encryption_algorithm #=> String, one of "AES128_CBC", "AES192_CBC", "AES256_CBC", "NONE"
+    #   resp.connector.as_2_config.encryption_algorithm #=> String, one of "AES128_CBC", "AES192_CBC", "AES256_CBC", "DES_EDE3_CBC", "NONE"
     #   resp.connector.as_2_config.signing_algorithm #=> String, one of "SHA256", "SHA384", "SHA512", "SHA1", "NONE"
     #   resp.connector.as_2_config.mdn_signing_algorithm #=> String, one of "SHA256", "SHA384", "SHA512", "SHA1", "NONE", "DEFAULT"
     #   resp.connector.as_2_config.mdn_response #=> String, one of "SYNC", "NONE"
@@ -2069,6 +2072,7 @@ module Aws::Transfer
     #   resp.connector.sftp_config.trusted_host_keys[0] #=> String
     #   resp.connector.service_managed_egress_ip_addresses #=> Array
     #   resp.connector.service_managed_egress_ip_addresses[0] #=> String
+    #   resp.connector.security_policy_name #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeConnector AWS API Documentation
     #
@@ -2228,18 +2232,20 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Describes the security policy that is attached to your file transfer
-    # protocol-enabled server. The response contains a description of the
-    # security policy's properties. For more information about security
-    # policies, see [Working with security policies][1].
+    # Describes the security policy that is attached to your server or SFTP
+    # connector. The response contains a description of the security
+    # policy's properties. For more information about security policies,
+    # see [Working with security policies for servers][1] or [Working with
+    # security policies for SFTP connectors][2].
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html
+    # [2]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies-connectors.html
     #
     # @option params [required, String] :security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specify the text name of the security policy for which you want the
+    #   details.
     #
     # @return [Types::DescribeSecurityPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2263,6 +2269,11 @@ module Aws::Transfer
     #   resp.security_policy.ssh_macs[0] #=> String
     #   resp.security_policy.tls_ciphers #=> Array
     #   resp.security_policy.tls_ciphers[0] #=> String
+    #   resp.security_policy.ssh_host_key_algorithms #=> Array
+    #   resp.security_policy.ssh_host_key_algorithms[0] #=> String
+    #   resp.security_policy.type #=> String, one of "SERVER", "CONNECTOR"
+    #   resp.security_policy.protocols #=> Array
+    #   resp.security_policy.protocols[0] #=> String, one of "SFTP", "FTPS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeSecurityPolicy AWS API Documentation
     #
@@ -3058,8 +3069,15 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Lists the security policies that are attached to your file transfer
-    # protocol-enabled servers.
+    # Lists the security policies that are attached to your servers and SFTP
+    # connectors. For more information about security policies, see [Working
+    # with security policies for servers][1] or [Working with security
+    # policies for SFTP connectors][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html
+    # [2]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies-connectors.html
     #
     # @option params [Integer] :max_results
     #   Specifies the number of security policies to return as a response to
@@ -4046,6 +4064,9 @@ module Aws::Transfer
     # @option params [Types::SftpConnectorConfig] :sftp_config
     #   A structure that contains the parameters for an SFTP connector object.
     #
+    # @option params [String] :security_policy_name
+    #   Specifies the name of the security policy for the connector.
+    #
     # @return [Types::UpdateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateConnectorResponse#connector_id #connector_id} => String
@@ -4060,7 +4081,7 @@ module Aws::Transfer
     #       partner_profile_id: "ProfileId",
     #       message_subject: "MessageSubject",
     #       compression: "ZLIB", # accepts ZLIB, DISABLED
-    #       encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC, NONE
+    #       encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC, DES_EDE3_CBC, NONE
     #       signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE
     #       mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT
     #       mdn_response: "SYNC", # accepts SYNC, NONE
@@ -4072,6 +4093,7 @@ module Aws::Transfer
     #       user_secret_id: "SecretId",
     #       trusted_host_keys: ["SftpConnectorTrustedHostKey"],
     #     },
+    #     security_policy_name: "ConnectorSecurityPolicyName",
     #   })
     #
     # @example Response structure
@@ -4373,8 +4395,7 @@ module Aws::Transfer
     #    </note>
     #
     # @option params [String] :security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specifies the name of the security policy for the server.
     #
     # @option params [required, String] :server_id
     #   A system-assigned unique identifier for a server instance that the
@@ -4500,6 +4521,21 @@ module Aws::Transfer
     # The response returns the `ServerId` and the `UserName` for the updated
     # user.
     #
+    # In the console, you can select *Restricted* when you create or update
+    # a user. This ensures that the user can't access anything outside of
+    # their home directory. The programmatic way to configure this behavior
+    # is to update the user. Set their `HomeDirectoryType` to `LOGICAL`, and
+    # specify `HomeDirectoryMappings` with `Entry` as root (`/`) and
+    # `Target` as their home directory.
+    #
+    # For example, if the user's home directory is `/test/admin-user`, the
+    # following command updates the user so that their configuration in the
+    # console shows the *Restricted* flag as selected.
+    #
+    # ` aws transfer update-user --server-id <server-id> --user-name
+    # admin-user --home-directory-type LOGICAL --home-directory-mappings
+    # "[\{"Entry":"/", "Target":"/test/admin-user"\}]"`
+    #
     # @option params [String] :home_directory
     #   The landing directory (folder) for a user when they log in to the
     #   server using the client.
@@ -4665,7 +4701,7 @@ module Aws::Transfer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-transfer'
-      context[:gem_version] = '1.88.0'
+      context[:gem_version] = '1.90.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-transfer/client_api.rb

@@ -38,6 +38,7 @@ module Aws::Transfer
     CompressionEnum = Shapes::StringShape.new(name: 'CompressionEnum')
     ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
     ConnectorId = Shapes::StringShape.new(name: 'ConnectorId')
+    ConnectorSecurityPolicyName = Shapes::StringShape.new(name: 'ConnectorSecurityPolicyName')
     CopyStepDetails = Shapes::StructureShape.new(name: 'CopyStepDetails')
     CreateAccessRequest = Shapes::StructureShape.new(name: 'CreateAccessRequest')
     CreateAccessResponse = Shapes::StructureShape.new(name: 'CreateAccessResponse')
@@ -246,6 +247,9 @@ module Aws::Transfer
     SecurityPolicyNames = Shapes::ListShape.new(name: 'SecurityPolicyNames')
     SecurityPolicyOption = Shapes::StringShape.new(name: 'SecurityPolicyOption')
     SecurityPolicyOptions = Shapes::ListShape.new(name: 'SecurityPolicyOptions')
+    SecurityPolicyProtocol = Shapes::StringShape.new(name: 'SecurityPolicyProtocol')
+    SecurityPolicyProtocols = Shapes::ListShape.new(name: 'SecurityPolicyProtocols')
+    SecurityPolicyResourceType = Shapes::StringShape.new(name: 'SecurityPolicyResourceType')
     SendWorkflowStepStateRequest = Shapes::StructureShape.new(name: 'SendWorkflowStepStateRequest')
     SendWorkflowStepStateResponse = Shapes::StructureShape.new(name: 'SendWorkflowStepStateResponse')
     ServerId = Shapes::StringShape.new(name: 'ServerId')
@@ -388,6 +392,7 @@ module Aws::Transfer
     CreateConnectorRequest.add_member(:logging_role, Shapes::ShapeRef.new(shape: Role, location_name: "LoggingRole"))
     CreateConnectorRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
     CreateConnectorRequest.add_member(:sftp_config, Shapes::ShapeRef.new(shape: SftpConnectorConfig, location_name: "SftpConfig"))
+    CreateConnectorRequest.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: ConnectorSecurityPolicyName, location_name: "SecurityPolicyName"))
     CreateConnectorRequest.struct_class = Types::CreateConnectorRequest
 
     CreateConnectorResponse.add_member(:connector_id, Shapes::ShapeRef.new(shape: ConnectorId, required: true, location_name: "ConnectorId"))
@@ -622,6 +627,7 @@ module Aws::Transfer
     DescribedConnector.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
     DescribedConnector.add_member(:sftp_config, Shapes::ShapeRef.new(shape: SftpConnectorConfig, location_name: "SftpConfig"))
     DescribedConnector.add_member(:service_managed_egress_ip_addresses, Shapes::ShapeRef.new(shape: ServiceManagedEgressIpAddresses, location_name: "ServiceManagedEgressIpAddresses"))
+    DescribedConnector.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: ConnectorSecurityPolicyName, location_name: "SecurityPolicyName"))
     DescribedConnector.struct_class = Types::DescribedConnector
 
     DescribedExecution.add_member(:execution_id, Shapes::ShapeRef.new(shape: ExecutionId, location_name: "ExecutionId"))
@@ -657,6 +663,9 @@ module Aws::Transfer
     DescribedSecurityPolicy.add_member(:ssh_kexs, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "SshKexs"))
     DescribedSecurityPolicy.add_member(:ssh_macs, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "SshMacs"))
     DescribedSecurityPolicy.add_member(:tls_ciphers, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "TlsCiphers"))
+    DescribedSecurityPolicy.add_member(:ssh_host_key_algorithms, Shapes::ShapeRef.new(shape: SecurityPolicyOptions, location_name: "SshHostKeyAlgorithms"))
+    DescribedSecurityPolicy.add_member(:type, Shapes::ShapeRef.new(shape: SecurityPolicyResourceType, location_name: "Type"))
+    DescribedSecurityPolicy.add_member(:protocols, Shapes::ShapeRef.new(shape: SecurityPolicyProtocols, location_name: "Protocols"))
     DescribedSecurityPolicy.struct_class = Types::DescribedSecurityPolicy
 
     DescribedServer.add_member(:arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "Arn"))
@@ -1054,6 +1063,8 @@ module Aws::Transfer
 
     SecurityPolicyOptions.member = Shapes::ShapeRef.new(shape: SecurityPolicyOption)
 
+    SecurityPolicyProtocols.member = Shapes::ShapeRef.new(shape: SecurityPolicyProtocol)
+
     SendWorkflowStepStateRequest.add_member(:workflow_id, Shapes::ShapeRef.new(shape: WorkflowId, required: true, location_name: "WorkflowId"))
     SendWorkflowStepStateRequest.add_member(:execution_id, Shapes::ShapeRef.new(shape: ExecutionId, required: true, location_name: "ExecutionId"))
     SendWorkflowStepStateRequest.add_member(:token, Shapes::ShapeRef.new(shape: CallbackToken, required: true, location_name: "Token"))
@@ -1190,6 +1201,7 @@ module Aws::Transfer
     UpdateConnectorRequest.add_member(:access_role, Shapes::ShapeRef.new(shape: Role, location_name: "AccessRole"))
     UpdateConnectorRequest.add_member(:logging_role, Shapes::ShapeRef.new(shape: Role, location_name: "LoggingRole"))
     UpdateConnectorRequest.add_member(:sftp_config, Shapes::ShapeRef.new(shape: SftpConnectorConfig, location_name: "SftpConfig"))
+    UpdateConnectorRequest.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: ConnectorSecurityPolicyName, location_name: "SecurityPolicyName"))
     UpdateConnectorRequest.struct_class = Types::UpdateConnectorRequest
 
     UpdateConnectorResponse.add_member(:connector_id, Shapes::ShapeRef.new(shape: ConnectorId, required: true, location_name: "ConnectorId"))

data/lib/aws-sdk-transfer/types.rb

@@ -47,10 +47,14 @@ module Aws::Transfer
     # @!attribute [rw] encryption_algorithm
     #   The algorithm that is used to encrypt the file.
     #
-    #   <note markdown="1"> You can only specify `NONE` if the URL for your connector uses
-    #   HTTPS. This ensures that no traffic is sent in clear text.
+    #   Note the following:
     #
-    #    </note>
+    #   * Do not use the `DES_EDE3_CBC` algorithm unless you must support a
+    #     legacy client that requires it, as it is a weak encryption
+    #     algorithm.
+    #
+    #   * You can only specify `NONE` if the URL for your connector uses
+    #     HTTPS. Using HTTPS ensures that no traffic is sent in clear text.
     #   @return [String]
     #
     # @!attribute [rw] signing_algorithm
@@ -533,6 +537,10 @@ module Aws::Transfer
     #   object.
     #   @return [Types::SftpConnectorConfig]
     #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy for the connector.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateConnectorRequest AWS API Documentation
     #
     class CreateConnectorRequest < Struct.new(
@@ -541,7 +549,8 @@ module Aws::Transfer
       :access_role,
       :logging_role,
       :tags,
-      :sftp_config)
+      :sftp_config,
+      :security_policy_name)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -869,8 +878,7 @@ module Aws::Transfer
     #   @return [Types::ProtocolDetails]
     #
     # @!attribute [rw] security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specifies the name of the security policy for the server.
     #   @return [String]
     #
     # @!attribute [rw] tags
@@ -1732,8 +1740,8 @@ module Aws::Transfer
     end
 
     # @!attribute [rw] security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specify the text name of the security policy for which you want the
+    #   details.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeSecurityPolicyRequest AWS API Documentation
@@ -2215,6 +2223,10 @@ module Aws::Transfer
     #   addresses are assigned automatically when you create the connector.
     #   @return [Array<String>]
     #
+    # @!attribute [rw] security_policy_name
+    #   The text name of the security policy for the specified connector.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedConnector AWS API Documentation
     #
     class DescribedConnector < Struct.new(
@@ -2226,7 +2238,8 @@ module Aws::Transfer
       :logging_role,
       :tags,
       :sftp_config,
-      :service_managed_egress_ip_addresses)
+      :service_managed_egress_ip_addresses,
+      :security_policy_name)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2398,44 +2411,72 @@ module Aws::Transfer
       include Aws::Structure
     end
 
-    # Describes the properties of a security policy that was specified. For
+    # Describes the properties of a security policy that you specify. For
     # more information about security policies, see [Working with security
-    # policies][1].
+    # policies for servers][1] or [Working with security policies for SFTP
+    # connectors][2].
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html
+    # [2]: https://docs.aws.amazon.com/transfer/latest/userguide/security-policies-connectors.html
     #
     # @!attribute [rw] fips
     #   Specifies whether this policy enables Federal Information Processing
-    #   Standards (FIPS).
+    #   Standards (FIPS). This parameter applies to both server and
+    #   connector security policies.
     #   @return [Boolean]
     #
     # @!attribute [rw] security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   The text name of the specified security policy.
     #   @return [String]
     #
     # @!attribute [rw] ssh_ciphers
-    #   Specifies the enabled Secure Shell (SSH) cipher encryption
-    #   algorithms in the security policy that is attached to the server.
+    #   Lists the enabled Secure Shell (SSH) cipher encryption algorithms in
+    #   the security policy that is attached to the server or connector.
+    #   This parameter applies to both server and connector security
+    #   policies.
     #   @return [Array<String>]
     #
     # @!attribute [rw] ssh_kexs
-    #   Specifies the enabled SSH key exchange (KEX) encryption algorithms
-    #   in the security policy that is attached to the server.
+    #   Lists the enabled SSH key exchange (KEX) encryption algorithms in
+    #   the security policy that is attached to the server or connector.
+    #   This parameter applies to both server and connector security
+    #   policies.
     #   @return [Array<String>]
     #
     # @!attribute [rw] ssh_macs
-    #   Specifies the enabled SSH message authentication code (MAC)
-    #   encryption algorithms in the security policy that is attached to the
-    #   server.
+    #   Lists the enabled SSH message authentication code (MAC) encryption
+    #   algorithms in the security policy that is attached to the server or
+    #   connector. This parameter applies to both server and connector
+    #   security policies.
     #   @return [Array<String>]
     #
     # @!attribute [rw] tls_ciphers
-    #   Specifies the enabled Transport Layer Security (TLS) cipher
-    #   encryption algorithms in the security policy that is attached to the
-    #   server.
+    #   Lists the enabled Transport Layer Security (TLS) cipher encryption
+    #   algorithms in the security policy that is attached to the server.
+    #
+    #   <note markdown="1"> This parameter only applies to security policies for servers.
+    #
+    #    </note>
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] ssh_host_key_algorithms
+    #   Lists the host key algorithms for the security policy.
+    #
+    #   <note markdown="1"> This parameter only applies to security policies for connectors.
+    #
+    #    </note>
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] type
+    #   The resource type to which the security policy applies, either
+    #   server or connector.
+    #   @return [String]
+    #
+    # @!attribute [rw] protocols
+    #   Lists the file transfer protocols that the security policy applies
+    #   to.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedSecurityPolicy AWS API Documentation
@@ -2446,7 +2487,10 @@ module Aws::Transfer
       :ssh_ciphers,
       :ssh_kexs,
       :ssh_macs,
-      :tls_ciphers)
+      :tls_ciphers,
+      :ssh_host_key_algorithms,
+      :type,
+      :protocols)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2611,8 +2655,7 @@ module Aws::Transfer
     #   @return [Array<String>]
     #
     # @!attribute [rw] security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specifies the name of the security policy for the server.
     #   @return [String]
     #
     # @!attribute [rw] server_id
@@ -2924,10 +2967,41 @@ module Aws::Transfer
     #   A list of address allocation IDs that are required to attach an
     #   Elastic IP address to your server's endpoint.
     #
-    #   <note markdown="1"> This property can only be set when `EndpointType` is set to `VPC`
-    #   and it is only valid in the `UpdateServer` API.
+    #   An address allocation ID corresponds to the allocation ID of an
+    #   Elastic IP address. This value can be retrieved from the
+    #   `allocationId` field from the Amazon EC2 [Address][1] data type. One
+    #   way to retrieve this value is by calling the EC2
+    #   [DescribeAddresses][2] API.
+    #
+    #   This parameter is optional. Set this parameter if you want to make
+    #   your VPC endpoint public-facing. For details, see [Create an
+    #   internet-facing endpoint for your server][3].
+    #
+    #   <note markdown="1"> This property can only be set as follows:
+    #
+    #    * `EndpointType` must be set to `VPC`
+    #
+    #   * The Transfer Family server must be offline.
+    #
+    #   * You cannot set this parameter for Transfer Family servers that use
+    #     the FTP protocol.
+    #
+    #   * The server must already have `SubnetIds` populated (`SubnetIds`
+    #     and `AddressAllocationIds` cannot be updated simultaneously).
+    #
+    #   * `AddressAllocationIds` can't contain duplicates, and must be
+    #     equal in length to `SubnetIds`. For example, if you have three
+    #     subnet IDs, you must also specify three address allocation IDs.
+    #
+    #   * Call the `UpdateServer` API to set or change this parameter.
     #
     #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html
+    #   [2]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html
+    #   [3]: https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint
     #   @return [Array<String>]
     #
     # @!attribute [rw] subnet_ids
@@ -4929,6 +5003,15 @@ module Aws::Transfer
     # object is used for transferring files to and from a partner's SFTP
     # server.
     #
+    # <note markdown="1"> Because the `SftpConnectorConfig` data type is used for both creating
+    # and updating SFTP connectors, its parameters, `TrustedHostKeys` and
+    # `UserSecretId` are marked as not required. This is a bit misleading,
+    # as they are not required when you are updating an existing SFTP
+    # connector, but *are required* when you are creating a new SFTP
+    # connector.
+    #
+    #  </note>
+    #
     # @!attribute [rw] user_secret_id
     #   The identifier for the secret (in Amazon Web Services Secrets
     #   Manager) that contains the SFTP user's private key, password, or
@@ -4956,6 +5039,19 @@ module Aws::Transfer
     #     `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, or
     #     `ecdsa-sha2-nistp521`, depending on the size of the key you
     #     generated.
+    #
+    #   Run this command to retrieve the SFTP server host key, where your
+    #   SFTP server name is `ftp.host.com`.
+    #
+    #   `ssh-keyscan ftp.host.com`
+    #
+    #   This prints the public host key to standard output.
+    #
+    #   `ftp.host.com ssh-rsa AAAAB3Nza...<long-string-for-public-key`
+    #
+    #   Copy and paste this string into the `TrustedHostKeys` field for the
+    #   `create-connector` command or into the **Trusted host keys** field
+    #   in the console.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/SftpConnectorConfig AWS API Documentation
@@ -5689,6 +5785,10 @@ module Aws::Transfer
     #   object.
     #   @return [Types::SftpConnectorConfig]
     #
+    # @!attribute [rw] security_policy_name
+    #   Specifies the name of the security policy for the connector.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateConnectorRequest AWS API Documentation
     #
     class UpdateConnectorRequest < Struct.new(
@@ -5697,7 +5797,8 @@ module Aws::Transfer
       :as_2_config,
       :access_role,
       :logging_role,
-      :sftp_config)
+      :sftp_config,
+      :security_policy_name)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6003,8 +6104,7 @@ module Aws::Transfer
     #   @return [Array<String>]
     #
     # @!attribute [rw] security_policy_name
-    #   Specifies the name of the security policy that is attached to the
-    #   server.
+    #   Specifies the name of the security policy for the server.
     #   @return [String]
     #
     # @!attribute [rw] server_id

data/lib/aws-sdk-transfer.rb

@@ -53,6 +53,6 @@ require_relative 'aws-sdk-transfer/customizations'
 # @!group service
 module Aws::Transfer
 
-  GEM_VERSION = '1.88.0'
+  GEM_VERSION = '1.90.0'
 
 end

data/sig/client.rbs

@@ -135,7 +135,7 @@ module Aws
                                 partner_profile_id: ::String?,
                                 message_subject: ::String?,
                                 compression: ("ZLIB" | "DISABLED")?,
-                                encryption_algorithm: ("AES128_CBC" | "AES192_CBC" | "AES256_CBC" | "NONE")?,
+                                encryption_algorithm: ("AES128_CBC" | "AES192_CBC" | "AES256_CBC" | "DES_EDE3_CBC" | "NONE")?,
                                 signing_algorithm: ("SHA256" | "SHA384" | "SHA512" | "SHA1" | "NONE")?,
                                 mdn_signing_algorithm: ("SHA256" | "SHA384" | "SHA512" | "SHA1" | "NONE" | "DEFAULT")?,
                                 mdn_response: ("SYNC" | "NONE")?,
@@ -152,7 +152,8 @@ module Aws
                               ?sftp_config: {
                                 user_secret_id: ::String?,
                                 trusted_host_keys: Array[::String]?
-                              }
+                              },
+                              ?security_policy_name: ::String
                             ) -> _CreateConnectorResponseSuccess
                           | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateConnectorResponseSuccess
 
@@ -952,7 +953,7 @@ module Aws
                                 partner_profile_id: ::String?,
                                 message_subject: ::String?,
                                 compression: ("ZLIB" | "DISABLED")?,
-                                encryption_algorithm: ("AES128_CBC" | "AES192_CBC" | "AES256_CBC" | "NONE")?,
+                                encryption_algorithm: ("AES128_CBC" | "AES192_CBC" | "AES256_CBC" | "DES_EDE3_CBC" | "NONE")?,
                                 signing_algorithm: ("SHA256" | "SHA384" | "SHA512" | "SHA1" | "NONE")?,
                                 mdn_signing_algorithm: ("SHA256" | "SHA384" | "SHA512" | "SHA1" | "NONE" | "DEFAULT")?,
                                 mdn_response: ("SYNC" | "NONE")?,
@@ -963,7 +964,8 @@ module Aws
                               ?sftp_config: {
                                 user_secret_id: ::String?,
                                 trusted_host_keys: Array[::String]?
-                              }
+                              },
+                              ?security_policy_name: ::String
                             ) -> _UpdateConnectorResponseSuccess
                           | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _UpdateConnectorResponseSuccess
 

data/sig/types.rbs

@@ -18,7 +18,7 @@ module Aws::Transfer
       attr_accessor partner_profile_id: ::String
       attr_accessor message_subject: ::String
       attr_accessor compression: ("ZLIB" | "DISABLED")
-      attr_accessor encryption_algorithm: ("AES128_CBC" | "AES192_CBC" | "AES256_CBC" | "NONE")
+      attr_accessor encryption_algorithm: ("AES128_CBC" | "AES192_CBC" | "AES256_CBC" | "DES_EDE3_CBC" | "NONE")
       attr_accessor signing_algorithm: ("SHA256" | "SHA384" | "SHA512" | "SHA1" | "NONE")
       attr_accessor mdn_signing_algorithm: ("SHA256" | "SHA384" | "SHA512" | "SHA1" | "NONE" | "DEFAULT")
       attr_accessor mdn_response: ("SYNC" | "NONE")
@@ -81,6 +81,7 @@ module Aws::Transfer
       attr_accessor logging_role: ::String
       attr_accessor tags: ::Array[Types::Tag]
       attr_accessor sftp_config: Types::SftpConnectorConfig
+      attr_accessor security_policy_name: ::String
       SENSITIVE: []
     end
 
@@ -411,6 +412,7 @@ module Aws::Transfer
       attr_accessor tags: ::Array[Types::Tag]
       attr_accessor sftp_config: Types::SftpConnectorConfig
       attr_accessor service_managed_egress_ip_addresses: ::Array[::String]
+      attr_accessor security_policy_name: ::String
       SENSITIVE: []
     end
 
@@ -454,6 +456,9 @@ module Aws::Transfer
       attr_accessor ssh_kexs: ::Array[::String]
       attr_accessor ssh_macs: ::Array[::String]
       attr_accessor tls_ciphers: ::Array[::String]
+      attr_accessor ssh_host_key_algorithms: ::Array[::String]
+      attr_accessor type: ("SERVER" | "CONNECTOR")
+      attr_accessor protocols: ::Array[("SFTP" | "FTPS")]
       SENSITIVE: []
     end
 
@@ -1110,6 +1115,7 @@ module Aws::Transfer
       attr_accessor access_role: ::String
       attr_accessor logging_role: ::String
       attr_accessor sftp_config: Types::SftpConnectorConfig
+      attr_accessor security_policy_name: ::String
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-transfer
 version: !ruby/object:Gem::Version
-  version: 1.88.0
+  version: 1.90.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-26 00:00:00.000000000 Z
+date: 2024-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core