aws-sdk-transfer 1.44.0 → 1.45.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a9092616bcc2f1c9404f43d37dd0da1a60bf5c5a8ad0112f079cd4f2a6dd3992
-  data.tar.gz: a2bd26099b318288d99097d559427a3e7388f0f8e5de84e94b8e0c438c8a6908
+  metadata.gz: 43a8b8de941ff8a2bed7e21846dd7b90b97aaab8cce216b1b6a3475fc50acfc8
+  data.tar.gz: 86f053e182959dcdc3a5a8e175ba4dd591d13fff26dd6769462f5da245ebb054
 SHA512:
-  metadata.gz: d8165fe3d600aa055df8689c262449cbadc7951c802285472fb8c5676d89e78a0f0795d7e16aff909b40b46602f9cad70b9e1495253a7c9e91ae342776cce914
-  data.tar.gz: 9dd8541225bfae130ae8f3909842c0466b0b7d0b21ce5ba5500acb383e61e132b028feff8ab7294e9a3a8a50225d8c003fa06535b5e57476a830e1b8f2caeb3d
+  metadata.gz: '019deb826fbbfc19e65b42d0df221756650d5ec051ffb37daa8895d95b132333e6d2f500634a47c26807967bcb33274bd7976c18a92af7124ae8f7f4fce65056'
+  data.tar.gz: ebcb798a63f5e8a97004af6534fe27042f8dae8dd97056df7a56ddc036668b9ec14a148b405b5a673790c5a510f20fab774735132441b37faef647ddb1a08210

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.45.0 (2021-12-21)
+------------------
+
+* Feature - Property for Transfer Family used with the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session.
+
 1.44.0 (2021-11-30)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.44.0
+1.45.0

data/lib/aws-sdk-transfer/client.rb

@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 
@@ -73,6 +74,7 @@ module Aws::Transfer
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
+    add_plugin(Aws::Plugins::DefaultsMode)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
 
@@ -175,6 +177,10 @@ module Aws::Transfer
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -307,7 +313,7 @@ module Aws::Transfer
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -323,6 +329,9 @@ module Aws::Transfer
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -643,7 +652,7 @@ module Aws::Transfer
     #   API Gateway endpoint URL to call for authentication using the
     #   `IdentityProviderDetails` parameter.
     #
-    #   Use the `LAMBDA` value to directly use a Lambda function as your
+    #   Use the `AWS_LAMBDA` value to directly use a Lambda function as your
     #   identity provider. If you choose this value, you must specify the ARN
     #   for the lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
@@ -684,6 +693,17 @@ module Aws::Transfer
     #
     #    </note>
     #
+    # @option params [Types::ProtocolDetails] :protocol_details
+    #   The protocol settings that are configured for your server.
+    #
+    #   Use the `PassiveIp` parameter to indicate passive mode (for FTP and
+    #   FTPS protocols). Enter a single dotted-quad IPv4 address, such as the
+    #   external IP address of a firewall, router, or load balancer.
+    #
+    #   Use the `TlsSessionResumptionMode` parameter to determine whether or
+    #   not your Transfer server resumes recent, negotiated sessions through a
+    #   unique session ID.
+    #
     # @option params [String] :security_policy_name
     #   Specifies the name of the security policy that is attached to the
     #   server.
@@ -722,6 +742,10 @@ module Aws::Transfer
     #     identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY, AWS_DIRECTORY_SERVICE, AWS_LAMBDA
     #     logging_role: "Role",
     #     protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
+    #     protocol_details: {
+    #       passive_ip: "PassiveIp",
+    #       tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
+    #     },
     #     security_policy_name: "SecurityPolicyName",
     #     tags: [
     #       {
@@ -863,6 +887,11 @@ module Aws::Transfer
     #   The public portion of the Secure Shell (SSH) key used to authenticate
     #   the user to the server.
     #
+    #   <note markdown="1"> Currently, Transfer Family does not accept elliptical curve keys (keys
+    #   beginning with `ecdsa`).
+    #
+    #    </note>
+    #
     # @option params [Array<Types::Tag>] :tags
     #   Key-value pairs that can be used to group and search for users. Tags
     #   are metadata attached to users for any purpose.
@@ -1425,6 +1454,7 @@ module Aws::Transfer
     #   resp.server.arn #=> String
     #   resp.server.certificate #=> String
     #   resp.server.protocol_details.passive_ip #=> String
+    #   resp.server.protocol_details.tls_session_resumption_mode #=> String, one of "DISABLED", "ENABLED", "ENFORCED"
     #   resp.server.domain #=> String, one of "S3", "EFS"
     #   resp.server.endpoint_details.address_allocation_ids #=> Array
     #   resp.server.endpoint_details.address_allocation_ids[0] #=> String
@@ -2476,6 +2506,10 @@ module Aws::Transfer
     #   FTPS protocols). Enter a single dotted-quad IPv4 address, such as the
     #   external IP address of a firewall, router, or load balancer.
     #
+    #   Use the `TlsSessionResumptionMode` parameter to determine whether or
+    #   not your Transfer server resumes recent, negotiated sessions through a
+    #   unique session ID.
+    #
     # @option params [Types::EndpointDetails] :endpoint_details
     #   The virtual private cloud (VPC) endpoint settings that are configured
     #   for your server. When you host your endpoint within your VPC, you can
@@ -2588,6 +2622,7 @@ module Aws::Transfer
     #     certificate: "Certificate",
     #     protocol_details: {
     #       passive_ip: "PassiveIp",
+    #       tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
     #     },
     #     endpoint_details: {
     #       address_allocation_ids: ["AddressAllocationId"],
@@ -2799,7 +2834,7 @@ module Aws::Transfer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-transfer'
-      context[:gem_version] = '1.44.0'
+      context[:gem_version] = '1.45.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-transfer/client_api.rb

@@ -186,6 +186,7 @@ module Aws::Transfer
     TestIdentityProviderRequest = Shapes::StructureShape.new(name: 'TestIdentityProviderRequest')
     TestIdentityProviderResponse = Shapes::StructureShape.new(name: 'TestIdentityProviderResponse')
     ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
+    TlsSessionResumptionMode = Shapes::StringShape.new(name: 'TlsSessionResumptionMode')
     UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
     UpdateAccessRequest = Shapes::StructureShape.new(name: 'UpdateAccessRequest')
     UpdateAccessResponse = Shapes::StructureShape.new(name: 'UpdateAccessResponse')
@@ -245,6 +246,7 @@ module Aws::Transfer
     CreateServerRequest.add_member(:identity_provider_type, Shapes::ShapeRef.new(shape: IdentityProviderType, location_name: "IdentityProviderType"))
     CreateServerRequest.add_member(:logging_role, Shapes::ShapeRef.new(shape: Role, location_name: "LoggingRole"))
     CreateServerRequest.add_member(:protocols, Shapes::ShapeRef.new(shape: Protocols, location_name: "Protocols"))
+    CreateServerRequest.add_member(:protocol_details, Shapes::ShapeRef.new(shape: ProtocolDetails, location_name: "ProtocolDetails"))
     CreateServerRequest.add_member(:security_policy_name, Shapes::ShapeRef.new(shape: SecurityPolicyName, location_name: "SecurityPolicyName"))
     CreateServerRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
     CreateServerRequest.add_member(:workflow_details, Shapes::ShapeRef.new(shape: WorkflowDetails, location_name: "WorkflowDetails"))
@@ -599,6 +601,7 @@ module Aws::Transfer
     PosixProfile.struct_class = Types::PosixProfile
 
     ProtocolDetails.add_member(:passive_ip, Shapes::ShapeRef.new(shape: PassiveIp, location_name: "PassiveIp"))
+    ProtocolDetails.add_member(:tls_session_resumption_mode, Shapes::ShapeRef.new(shape: TlsSessionResumptionMode, location_name: "TlsSessionResumptionMode"))
     ProtocolDetails.struct_class = Types::ProtocolDetails
 
     Protocols.member = Shapes::ShapeRef.new(shape: Protocol)

data/lib/aws-sdk-transfer/types.rb

@@ -290,6 +290,10 @@ module Aws::Transfer
     #         identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY, AWS_DIRECTORY_SERVICE, AWS_LAMBDA
     #         logging_role: "Role",
     #         protocols: ["SFTP"], # accepts SFTP, FTP, FTPS
+    #         protocol_details: {
+    #           passive_ip: "PassiveIp",
+    #           tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
+    #         },
     #         security_policy_name: "SecurityPolicyName",
     #         tags: [
     #           {
@@ -439,7 +443,7 @@ module Aws::Transfer
     #   an API Gateway endpoint URL to call for authentication using the
     #   `IdentityProviderDetails` parameter.
     #
-    #   Use the `LAMBDA` value to directly use a Lambda function as your
+    #   Use the `AWS_LAMBDA` value to directly use a Lambda function as your
     #   identity provider. If you choose this value, you must specify the
     #   ARN for the lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
@@ -484,6 +488,18 @@ module Aws::Transfer
     #    </note>
     #   @return [Array<String>]
     #
+    # @!attribute [rw] protocol_details
+    #   The protocol settings that are configured for your server.
+    #
+    #   Use the `PassiveIp` parameter to indicate passive mode (for FTP and
+    #   FTPS protocols). Enter a single dotted-quad IPv4 address, such as
+    #   the external IP address of a firewall, router, or load balancer.
+    #
+    #   Use the `TlsSessionResumptionMode` parameter to determine whether or
+    #   not your Transfer server resumes recent, negotiated sessions through
+    #   a unique session ID.
+    #   @return [Types::ProtocolDetails]
+    #
     # @!attribute [rw] security_policy_name
     #   Specifies the name of the security policy that is attached to the
     #   server.
@@ -510,6 +526,7 @@ module Aws::Transfer
       :identity_provider_type,
       :logging_role,
       :protocols,
+      :protocol_details,
       :security_policy_name,
       :tags,
       :workflow_details)
@@ -669,6 +686,11 @@ module Aws::Transfer
     # @!attribute [rw] ssh_public_key_body
     #   The public portion of the Secure Shell (SSH) key used to
     #   authenticate the user to the server.
+    #
+    #   <note markdown="1"> Currently, Transfer Family does not accept elliptical curve keys
+    #   (keys beginning with `ecdsa`).
+    #
+    #    </note>
     #   @return [String]
     #
     # @!attribute [rw] tags
@@ -1590,7 +1612,7 @@ module Aws::Transfer
     #   an API Gateway endpoint URL to call for authentication using the
     #   `IdentityProviderDetails` parameter.
     #
-    #   Use the `LAMBDA` value to directly use a Lambda function as your
+    #   Use the `AWS_LAMBDA` value to directly use a Lambda function as your
     #   identity provider. If you choose this value, you must specify the
     #   ARN for the lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
@@ -2120,8 +2142,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] directory_id
-    #   The identifier of the Amazon Web ServicesDirectory Service directory
-    #   that you want to stop sharing.
+    #   The identifier of the Amazon Web Services Directory Service
+    #   directory that you want to stop sharing.
     #   @return [String]
     #
     # @!attribute [rw] function
@@ -2816,7 +2838,7 @@ module Aws::Transfer
     #   an API Gateway endpoint URL to call for authentication using the
     #   `IdentityProviderDetails` parameter.
     #
-    #   Use the `LAMBDA` value to directly use a Lambda function as your
+    #   Use the `AWS_LAMBDA` value to directly use a Lambda function as your
     #   identity provider. If you choose this value, you must specify the
     #   ARN for the lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
@@ -3031,15 +3053,12 @@ module Aws::Transfer
 
     # The protocol settings that are configured for your server.
     #
-    # <note markdown="1"> This type is only valid in the `UpdateServer` API.
-    #
-    #  </note>
-    #
     # @note When making an API call, you may pass ProtocolDetails
     #   data as a hash:
     #
     #       {
     #         passive_ip: "PassiveIp",
+    #         tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
     #       }
     #
     # @!attribute [rw] passive_ip
@@ -3065,10 +3084,44 @@ module Aws::Transfer
     #   [1]: http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/
     #   @return [String]
     #
+    # @!attribute [rw] tls_session_resumption_mode
+    #   A property used with Transfer servers that use the FTPS protocol.
+    #   TLS Session Resumption provides a mechanism to resume or share a
+    #   negotiated secret key between the control and data connection for an
+    #   FTPS session. `TlsSessionResumptionMode` determines whether or not
+    #   the server resumes recent, negotiated sessions through a unique
+    #   session ID. This property is available during `CreateServer` and
+    #   `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not
+    #   specified during CreateServer, it is set to `ENFORCED` by default.
+    #
+    #   * `DISABLED`\: the server does not process TLS session resumption
+    #     client requests and creates a new TLS session for each request.
+    #
+    #   * `ENABLED`\: the server processes and accepts clients that are
+    #     performing TLS session resumption. The server doesn't reject
+    #     client data connections that do not perform the TLS session
+    #     resumption client processing.
+    #
+    #   * `ENFORCED`\: the server processes and accepts clients that are
+    #     performing TLS session resumption. The server rejects client data
+    #     connections that do not perform the TLS session resumption client
+    #     processing. Before you set the value to `ENFORCED`, test your
+    #     clients.
+    #
+    #     <note markdown="1"> Not all FTPS clients perform TLS session resumption. So, if you
+    #     choose to enforce TLS session resumption, you prevent any
+    #     connections from FTPS clients that don't perform the protocol
+    #     negotiation. To determine whether or not you can use the
+    #     `ENFORCED` value, you need to test your clients.
+    #
+    #      </note>
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ProtocolDetails AWS API Documentation
     #
     class ProtocolDetails < Struct.new(
-      :passive_ip)
+      :passive_ip,
+      :tls_session_resumption_mode)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3776,6 +3829,7 @@ module Aws::Transfer
     #         certificate: "Certificate",
     #         protocol_details: {
     #           passive_ip: "PassiveIp",
+    #           tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED
     #         },
     #         endpoint_details: {
     #           address_allocation_ids: ["AddressAllocationId"],
@@ -3854,6 +3908,10 @@ module Aws::Transfer
     #   Use the `PassiveIp` parameter to indicate passive mode (for FTP and
     #   FTPS protocols). Enter a single dotted-quad IPv4 address, such as
     #   the external IP address of a firewall, router, or load balancer.
+    #
+    #   Use the `TlsSessionResumptionMode` parameter to determine whether or
+    #   not your Transfer server resumes recent, negotiated sessions through
+    #   a unique session ID.
     #   @return [Types::ProtocolDetails]
     #
     # @!attribute [rw] endpoint_details

data/lib/aws-sdk-transfer.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-transfer/customizations'
 # @!group service
 module Aws::Transfer
 
-  GEM_VERSION = '1.44.0'
+  GEM_VERSION = '1.45.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-transfer
 version: !ruby/object:Gem::Version
-  version: 1.44.0
+  version: 1.45.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-30 00:00:00.000000000 Z
+date: 2021-12-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.122.0
+        version: 3.125.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.122.0
+        version: 3.125.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement