aws-sdk-transfer 1.67.0 → 1.68.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6f5625859721f732602752e01edabf8e915b0ad82aae2502857b1fa13b441b97
-  data.tar.gz: 64ee432e3a967d4dbbff68aada763bd17a07a4a76e3855f4aaa6862fcac8b973
+  metadata.gz: fea65db9c058c1b92c949a5a7efc40bd5f967865eb4ca92880be5b020cfc8c33
+  data.tar.gz: afc7f782c3e8482741bfa49baf23f5e36c19bd0291d614612d1d8cf6bfd8029a
 SHA512:
-  metadata.gz: 0d8cc03d0c99017b385c269549fa4f95ad24a42cc4c9254770dbb66a3f0261031a497d478123362530d29d88094dd9d480354866e54bcc1e641f850dedce72a3
-  data.tar.gz: 0cd1fe1ca95518e0aa2a36340cd03798fcb6fb1c8a5f65103c782e16b209f04740455483a04691746acda797e186588eaa74756d8fb8834348a48cceb9be9119
+  metadata.gz: 39261dd8b5aff9b5a3e263867fa959dc7ecb25921b45289038a8d1837bbdc13fed11a1ac000932e213e47f5ebc8f4cd11f9206c59ed2f1835f1fca2cc255c905
+  data.tar.gz: 1d6f4b7e2af636625201d6a360b81d28473f3548030e47a0c23b915ab7dc06d52d17b66e9f208edb10740936b8353fe072fcf3c9fec97399780068505c05db8b

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.68.0 (2023-05-15)
+------------------
+
+* Feature - This release introduces the ability to require both password and SSH key when users authenticate to your Transfer Family servers that use the SFTP protocol.
+
 1.67.0 (2023-02-07)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.67.0
+1.68.0

data/lib/aws-sdk-transfer/client.rb

@@ -889,8 +889,9 @@ module Aws::Transfer
     #   [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key
     #
     # @option params [Types::IdentityProviderDetails] :identity_provider_details
-    #   Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE`
-    #   or `API_GATEWAY`. Accepts an array containing all of the information
+    #   Required when `IdentityProviderType` is set to
+    #   `AWS_DIRECTORY_SERVICE`, `Amazon Web Services_LAMBDA` or
+    #   `API_GATEWAY`. Accepts an array containing all of the information
     #   required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a
     #   customer-supplied authentication API, including the API Gateway URL.
     #   Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`.
@@ -914,7 +915,7 @@ module Aws::Transfer
     #
     #   Use the `AWS_LAMBDA` value to directly use an Lambda function as your
     #   identity provider. If you choose this value, you must specify the ARN
-    #   for the Lambda function in the `Function` parameter or the
+    #   for the Lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
     #
     # @option params [String] :logging_role
@@ -1017,7 +1018,8 @@ module Aws::Transfer
     #   In addition to a workflow to execute when a file is uploaded
     #   completely, `WorkflowDetails` can also contain a workflow ID (and
     #   execution role) for a workflow to execute on partial upload. A partial
-    #   upload occurs when a file is open when the session disconnects.
+    #   upload occurs when the server session disconnects while the file is
+    #   still being uploaded.
     #
     # @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1042,6 +1044,7 @@ module Aws::Transfer
     #       invocation_role: "Role",
     #       directory_id: "DirectoryId",
     #       function: "Function",
+    #       sftp_authentication_methods: "PASSWORD", # accepts PASSWORD, PUBLIC_KEY, PUBLIC_KEY_OR_PASSWORD, PUBLIC_KEY_AND_PASSWORD
     #     },
     #     identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY, AWS_DIRECTORY_SERVICE, AWS_LAMBDA
     #     logging_role: "Role",
@@ -1303,9 +1306,9 @@ module Aws::Transfer
     #   Specifies the steps (actions) to take if errors are encountered during
     #   execution of the workflow.
     #
-    #   <note markdown="1"> For custom steps, the lambda function needs to send `FAILURE` to the
+    #   <note markdown="1"> For custom steps, the Lambda function needs to send `FAILURE` to the
     #   call back API to kick off the exception steps. Additionally, if the
-    #   lambda does not send `SUCCESS` before it times out, the exception
+    #   Lambda does not send `SUCCESS` before it times out, the exception
     #   steps are executed.
     #
     #    </note>
@@ -1572,7 +1575,7 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Deletes the host key that's specified in the `HoskKeyId` parameter.
+    # Deletes the host key that's specified in the `HostKeyId` parameter.
     #
     # @option params [required, String] :server_id
     #   The identifier of the server that contains the host key that you are
@@ -1935,6 +1938,14 @@ module Aws::Transfer
     # You can use `DescribeExecution` to check the details of the execution
     # of the specified workflow.
     #
+    # <note markdown="1"> This API call only returns details for in-progress workflows.
+    #
+    #  If you provide an ID for an execution that is not in progress, or if
+    # the execution doesn't match the specified workflow ID, you receive a
+    # `ResourceNotFound` exception.
+    #
+    #  </note>
+    #
     # @option params [required, String] :execution_id
     #   A unique identifier for the execution of a workflow.
     #
@@ -2162,6 +2173,7 @@ module Aws::Transfer
     #   resp.server.identity_provider_details.invocation_role #=> String
     #   resp.server.identity_provider_details.directory_id #=> String
     #   resp.server.identity_provider_details.function #=> String
+    #   resp.server.identity_provider_details.sftp_authentication_methods #=> String, one of "PASSWORD", "PUBLIC_KEY", "PUBLIC_KEY_OR_PASSWORD", "PUBLIC_KEY_AND_PASSWORD"
     #   resp.server.identity_provider_type #=> String, one of "SERVICE_MANAGED", "API_GATEWAY", "AWS_DIRECTORY_SERVICE", "AWS_LAMBDA"
     #   resp.server.logging_role #=> String
     #   resp.server.post_authentication_login_banner #=> String
@@ -2470,9 +2482,9 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Adds a Secure Shell (SSH) public key to a user account identified by a
-    # `UserName` value assigned to the specific file transfer
-    # protocol-enabled server, identified by `ServerId`.
+    # Adds a Secure Shell (SSH) public key to a Transfer Family user
+    # identified by a `UserName` value assigned to the specific file
+    # transfer protocol-enabled server, identified by `ServerId`.
     #
     # The response returns the `UserName` value, the `ServerId` value, and
     # the name of the `SshPublicKeyId`.
@@ -2486,7 +2498,8 @@ module Aws::Transfer
     #   Transfer Family accepts RSA, ECDSA, and ED25519 keys.
     #
     # @option params [required, String] :user_name
-    #   The name of the user account that is assigned to one or more servers.
+    #   The name of the Transfer Family user that is assigned to one or more
+    #   servers.
     #
     # @return [Types::ImportSshPublicKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2716,7 +2729,12 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Lists all executions for the specified workflow.
+    # Lists all in-progress executions for the specified workflow.
+    #
+    # <note markdown="1"> If the specified workflow ID cannot be found, `ListExecutions` returns
+    # a `ResourceNotFound` exception.
+    #
+    #  </note>
     #
     # @option params [Integer] :max_results
     #   Specifies the maximum number of executions to return.
@@ -2728,7 +2746,7 @@ module Aws::Transfer
     #
     #   This is useful for pagination, for instance. If you have 100
     #   executions for a workflow, you might only want to list first 10. If
-    #   so, call the API by specifying the `max-results`\:
+    #   so, call the API by specifying the `max-results`:
     #
     #   `aws transfer list-executions --max-results 10`
     #
@@ -3086,7 +3104,8 @@ module Aws::Transfer
       req.send_request(options)
     end
 
-    # Lists all of your workflows.
+    # Lists all workflows associated with your Amazon Web Services account
+    # for your current region.
     #
     # @option params [Integer] :max_results
     #   Specifies the maximum number of workflows to return.
@@ -3281,8 +3300,8 @@ module Aws::Transfer
     #
     # @option params [required, Array<Types::Tag>] :tags
     #   Key-value pairs assigned to ARNs that you can use to group and search
-    #   for resources by type. You can attach this metadata to user accounts
-    #   for any purpose.
+    #   for resources by type. You can attach this metadata to resources
+    #   (servers, users, workflows, and so on) for any purpose.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -3318,10 +3337,16 @@ module Aws::Transfer
     # The `ServerId` and `UserName` parameters are required. The
     # `ServerProtocol`, `SourceIp`, and `UserPassword` are all optional.
     #
-    # <note markdown="1"> You cannot use `TestIdentityProvider` if the `IdentityProviderType` of
-    # your server is `SERVICE_MANAGED`.
+    # Note the following:
     #
-    #  </note>
+    # * You cannot use `TestIdentityProvider` if the `IdentityProviderType`
+    #   of your server is `SERVICE_MANAGED`.
+    #
+    # * `TestIdentityProvider` does not work with keys: it only accepts
+    #   passwords.
+    #
+    # * `TestIdentityProvider` can test the password operation for a custom
+    #   Identity Provider that handles keys and passwords.
     #
     # * If you provide any incorrect values for any parameters, the
     #   `Response` field is empty.
@@ -3338,7 +3363,11 @@ module Aws::Transfer
     #   error:
     #
     #   `An error occurred (ResourceNotFoundException) when calling the
-    #   TestIdentityProvider operation: Unknown server`
+    #   TestIdentityProvider operation: Unknown server`.
+    #
+    #   It is possible your sever is in a different region. You can specify
+    #   a region by adding the following: `--region region-code`, such as
+    #   `--region us-east-2` to specify a server in **US East (Ohio)**.
     #
     # @option params [required, String] :server_id
     #   A system-assigned identifier for a specific server. That server's
@@ -3355,14 +3384,16 @@ module Aws::Transfer
     #
     #   * File Transfer Protocol (FTP)
     #
+    #   * Applicability Statement 2 (AS2)
+    #
     # @option params [String] :source_ip
-    #   The source IP address of the user account to be tested.
+    #   The source IP address of the account to be tested.
     #
     # @option params [required, String] :user_name
-    #   The name of the user account to be tested.
+    #   The name of the account to be tested.
     #
     # @option params [String] :user_password
-    #   The password of the user account to be tested.
+    #   The password of the account to be tested.
     #
     # @return [Types::TestIdentityProviderResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -4060,7 +4091,7 @@ module Aws::Transfer
     #
     # @option params [required, String] :server_id
     #   A system-assigned unique identifier for a server instance that the
-    #   user account is assigned to.
+    #   Transfer Family user is assigned to.
     #
     # @option params [Types::WorkflowDetails] :workflow_details
     #   Specifies the workflow ID for the workflow to assign and the execution
@@ -4069,7 +4100,8 @@ module Aws::Transfer
     #   In addition to a workflow to execute when a file is uploaded
     #   completely, `WorkflowDetails` can also contain a workflow ID (and
     #   execution role) for a workflow to execute on partial upload. A partial
-    #   upload occurs when a file is open when the session disconnects.
+    #   upload occurs when the server session disconnects while the file is
+    #   still being uploaded.
     #
     #   To remove an associated workflow from a server, you can provide an
     #   empty `OnUpload` object, as in the following example.
@@ -4105,6 +4137,7 @@ module Aws::Transfer
     #       invocation_role: "Role",
     #       directory_id: "DirectoryId",
     #       function: "Function",
+    #       sftp_authentication_methods: "PASSWORD", # accepts PASSWORD, PUBLIC_KEY, PUBLIC_KEY_OR_PASSWORD, PUBLIC_KEY_AND_PASSWORD
     #     },
     #     logging_role: "NullableRole",
     #     post_authentication_login_banner: "PostAuthenticationLoginBanner",
@@ -4234,8 +4267,8 @@ module Aws::Transfer
     #   users' transfer requests.
     #
     # @option params [required, String] :server_id
-    #   A system-assigned unique identifier for a server instance that the
-    #   user account is assigned to.
+    #   A system-assigned unique identifier for a Transfer Family server
+    #   instance that the user is assigned to.
     #
     # @option params [required, String] :user_name
     #   A unique string that identifies a user and is associated with a server
@@ -4299,7 +4332,7 @@ module Aws::Transfer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-transfer'
-      context[:gem_version] = '1.67.0'
+      context[:gem_version] = '1.68.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-transfer/client_api.rb

@@ -249,6 +249,7 @@ module Aws::Transfer
     ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
     SessionId = Shapes::StringShape.new(name: 'SessionId')
     SetStatOption = Shapes::StringShape.new(name: 'SetStatOption')
+    SftpAuthenticationMethods = Shapes::StringShape.new(name: 'SftpAuthenticationMethods')
     SigningAlg = Shapes::StringShape.new(name: 'SigningAlg')
     SourceFileLocation = Shapes::StringShape.new(name: 'SourceFileLocation')
     SourceIp = Shapes::StringShape.new(name: 'SourceIp')
@@ -721,6 +722,7 @@ module Aws::Transfer
     IdentityProviderDetails.add_member(:invocation_role, Shapes::ShapeRef.new(shape: Role, location_name: "InvocationRole"))
     IdentityProviderDetails.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, location_name: "DirectoryId"))
     IdentityProviderDetails.add_member(:function, Shapes::ShapeRef.new(shape: Function, location_name: "Function"))
+    IdentityProviderDetails.add_member(:sftp_authentication_methods, Shapes::ShapeRef.new(shape: SftpAuthenticationMethods, location_name: "SftpAuthenticationMethods"))
     IdentityProviderDetails.struct_class = Types::IdentityProviderDetails
 
     ImportCertificateRequest.add_member(:usage, Shapes::ShapeRef.new(shape: CertificateUsageType, required: true, location_name: "Usage"))

data/lib/aws-sdk-transfer/endpoint_parameters.rb

@@ -50,9 +50,6 @@ module Aws::Transfer
 
     def initialize(options = {})
       self[:region] = options[:region]
-      if self[:region].nil?
-        raise ArgumentError, "Missing required EndpointParameter: :region"
-      end
       self[:use_dual_stack] = options[:use_dual_stack]
       self[:use_dual_stack] = false if self[:use_dual_stack].nil?
       if self[:use_dual_stack].nil?

data/lib/aws-sdk-transfer/endpoint_provider.rb

@@ -14,36 +14,39 @@ module Aws::Transfer
       use_dual_stack = parameters.use_dual_stack
       use_fips = parameters.use_fips
       endpoint = parameters.endpoint
-      if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
-        if Aws::Endpoints::Matchers.set?(endpoint)
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-            raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
-          end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-            raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
-          end
-          return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
-        end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-            return Aws::Endpoints::Endpoint.new(url: "https://transfer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
-          end
-          raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
-        end
+      if Aws::Endpoints::Matchers.set?(endpoint)
         if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
-            return Aws::Endpoints::Endpoint.new(url: "https://transfer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
-          end
-          raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+          raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
         end
         if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-            return Aws::Endpoints::Endpoint.new(url: "https://transfer.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+          raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
+        end
+        return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+      end
+      if Aws::Endpoints::Matchers.set?(region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://transfer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
+              return Aws::Endpoints::Endpoint.new(url: "https://transfer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://transfer.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
           end
-          raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
+          return Aws::Endpoints::Endpoint.new(url: "https://transfer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
         end
-        return Aws::Endpoints::Endpoint.new(url: "https://transfer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
       end
+      raise ArgumentError, "Invalid Configuration: Missing Region"
       raise ArgumentError, 'No endpoint could be resolved'
 
     end

data/lib/aws-sdk-transfer/types.rb

@@ -73,10 +73,10 @@ module Aws::Transfer
     #   transfers is synchronous or asynchronous. Specify either of the
     #   following values:
     #
-    #   * `SYNC`\: The system expects a synchronous MDN response, confirming
+    #   * `SYNC`: The system expects a synchronous MDN response, confirming
     #     that the file was transferred successfully (or not).
     #
-    #   * `NONE`\: Specifies that no MDN response is required.
+    #   * `NONE`: Specifies that no MDN response is required.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/As2ConnectorConfig AWS API Documentation
@@ -117,11 +117,11 @@ module Aws::Transfer
     #
     # @!attribute [rw] destination_file_location
     #   Specifies the location for the file being copied. Use
-    #   `$\{Transfer:username\}` or `$\{Transfer:UploadDate\}` in this field
+    #   `$\{Transfer:UserName\}` or `$\{Transfer:UploadDate\}` in this field
     #   to parametrize the destination prefix by username or uploaded date.
     #
     #   * Set the value of `DestinationFileLocation` to
-    #     `$\{Transfer:username\}` to copy uploaded files to an Amazon S3
+    #     `$\{Transfer:UserName\}` to copy uploaded files to an Amazon S3
     #     bucket that is prefixed with the name of the Transfer Family user
     #     that uploaded the file.
     #
@@ -130,7 +130,7 @@ module Aws::Transfer
     #     bucket that is prefixed with the date of the upload.
     #
     #     <note markdown="1"> The system resolves `UploadDate` to a date format of *YYYY-MM-DD*,
-    #     based on the date the file is uploaded.
+    #     based on the date the file is uploaded in UTC.
     #
     #      </note>
     #   @return [Types::InputFileLocation]
@@ -138,6 +138,15 @@ module Aws::Transfer
     # @!attribute [rw] overwrite_existing
     #   A flag that indicates whether to overwrite an existing file of the
     #   same name. The default is `FALSE`.
+    #
+    #   If the workflow is processing a file that has the same name as an
+    #   existing file, the behavior is as follows:
+    #
+    #   * If `OverwriteExisting` is `TRUE`, the existing file is replaced
+    #     with the file being processed.
+    #
+    #   * If `OverwriteExisting` is `FALSE`, nothing happens, and the
+    #     workflow processing stops.
     #   @return [String]
     #
     # @!attribute [rw] source_file_location
@@ -637,11 +646,12 @@ module Aws::Transfer
     #
     # @!attribute [rw] identity_provider_details
     #   Required when `IdentityProviderType` is set to
-    #   `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`. Accepts an array
-    #   containing all of the information required to use a directory in
-    #   `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication
-    #   API, including the API Gateway URL. Not required when
-    #   `IdentityProviderType` is set to `SERVICE_MANAGED`.
+    #   `AWS_DIRECTORY_SERVICE`, `Amazon Web Services_LAMBDA` or
+    #   `API_GATEWAY`. Accepts an array containing all of the information
+    #   required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a
+    #   customer-supplied authentication API, including the API Gateway URL.
+    #   Not required when `IdentityProviderType` is set to
+    #   `SERVICE_MANAGED`.
     #   @return [Types::IdentityProviderDetails]
     #
     # @!attribute [rw] identity_provider_type
@@ -663,7 +673,7 @@ module Aws::Transfer
     #
     #   Use the `AWS_LAMBDA` value to directly use an Lambda function as
     #   your identity provider. If you choose this value, you must specify
-    #   the ARN for the Lambda function in the `Function` parameter or the
+    #   the ARN for the Lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
     #   @return [String]
     #
@@ -775,8 +785,8 @@ module Aws::Transfer
     #   In addition to a workflow to execute when a file is uploaded
     #   completely, `WorkflowDetails` can also contain a workflow ID (and
     #   execution role) for a workflow to execute on partial upload. A
-    #   partial upload occurs when a file is open when the session
-    #   disconnects.
+    #   partial upload occurs when the server session disconnects while the
+    #   file is still being uploaded.
     #   @return [Types::WorkflowDetails]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateServerRequest AWS API Documentation
@@ -963,8 +973,7 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   A unique string that identifies a user account associated with a
-    #   server.
+    #   A unique string that identifies a Transfer Family user.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateUserResponse AWS API Documentation
@@ -1011,9 +1020,9 @@ module Aws::Transfer
     #   Specifies the steps (actions) to take if errors are encountered
     #   during execution of the workflow.
     #
-    #   <note markdown="1"> For custom steps, the lambda function needs to send `FAILURE` to the
+    #   <note markdown="1"> For custom steps, the Lambda function needs to send `FAILURE` to the
     #   call back API to kick off the exception steps. Additionally, if the
-    #   lambda does not send `SUCCESS` before it times out, the exception
+    #   Lambda does not send `SUCCESS` before it times out, the exception
     #   steps are executed.
     #
     #    </note>
@@ -1054,7 +1063,7 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] target
-    #   The ARN for the lambda function that is being called.
+    #   The ARN for the Lambda function that is being called.
     #   @return [String]
     #
     # @!attribute [rw] timeout_seconds
@@ -1111,10 +1120,35 @@ module Aws::Transfer
     # @!attribute [rw] overwrite_existing
     #   A flag that indicates whether to overwrite an existing file of the
     #   same name. The default is `FALSE`.
+    #
+    #   If the workflow is processing a file that has the same name as an
+    #   existing file, the behavior is as follows:
+    #
+    #   * If `OverwriteExisting` is `TRUE`, the existing file is replaced
+    #     with the file being processed.
+    #
+    #   * If `OverwriteExisting` is `FALSE`, nothing happens, and the
+    #     workflow processing stops.
     #   @return [String]
     #
     # @!attribute [rw] destination_file_location
-    #   Specifies the location for the file that's being processed.
+    #   Specifies the location for the file being decrypted. Use
+    #   `$\{Transfer:UserName\}` or `$\{Transfer:UploadDate\}` in this field
+    #   to parametrize the destination prefix by username or uploaded date.
+    #
+    #   * Set the value of `DestinationFileLocation` to
+    #     `$\{Transfer:UserName\}` to decrypt uploaded files to an Amazon S3
+    #     bucket that is prefixed with the name of the Transfer Family user
+    #     that uploaded the file.
+    #
+    #   * Set the value of `DestinationFileLocation` to
+    #     `$\{Transfer:UploadDate\}` to decrypt uploaded files to an Amazon
+    #     S3 bucket that is prefixed with the date of the upload.
+    #
+    #     <note markdown="1"> The system resolves `UploadDate` to a date format of *YYYY-MM-DD*,
+    #     based on the date the file is uploaded in UTC.
+    #
+    #      </note>
     #   @return [Types::InputFileLocation]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DecryptStepDetails AWS API Documentation
@@ -1628,8 +1662,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] user
-    #   An array containing the properties of the user account for the
-    #   `ServerID` value that you specified.
+    #   An array containing the properties of the Transfer Family user for
+    #   the `ServerID` value that you specified.
     #   @return [Types::DescribedUser]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeUserResponse AWS API Documentation
@@ -2293,7 +2327,7 @@ module Aws::Transfer
     #
     #   Use the `AWS_LAMBDA` value to directly use an Lambda function as
     #   your identity provider. If you choose this value, you must specify
-    #   the ARN for the Lambda function in the `Function` parameter or the
+    #   the ARN for the Lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
     #   @return [String]
     #
@@ -2402,8 +2436,8 @@ module Aws::Transfer
     #   In addition to a workflow to execute when a file is uploaded
     #   completely, `WorkflowDetails` can also contain a workflow ID (and
     #   execution role) for a workflow to execute on partial upload. A
-    #   partial upload occurs when a file is open when the session
-    #   disconnects.
+    #   partial upload occurs when the server session disconnects while the
+    #   file is still being uploaded.
     #   @return [Types::WorkflowDetails]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribedServer AWS API Documentation
@@ -2695,36 +2729,36 @@ module Aws::Transfer
     # @!attribute [rw] type
     #   Specifies the error type.
     #
-    #   * `ALREADY_EXISTS`\: occurs for a copy step, if the overwrite option
+    #   * `ALREADY_EXISTS`: occurs for a copy step, if the overwrite option
     #     is not selected and a file with the same name already exists in
     #     the target location.
     #
-    #   * `BAD_REQUEST`\: a general bad request: for example, a step that
+    #   * `BAD_REQUEST`: a general bad request: for example, a step that
     #     attempts to tag an EFS file returns `BAD_REQUEST`, as only S3
     #     files can be tagged.
     #
-    #   * `CUSTOM_STEP_FAILED`\: occurs when the custom step provided a
+    #   * `CUSTOM_STEP_FAILED`: occurs when the custom step provided a
     #     callback that indicates failure.
     #
-    #   * `INTERNAL_SERVER_ERROR`\: a catch-all error that can occur for a
+    #   * `INTERNAL_SERVER_ERROR`: a catch-all error that can occur for a
     #     variety of reasons.
     #
-    #   * `NOT_FOUND`\: occurs when a requested entity, for example a source
+    #   * `NOT_FOUND`: occurs when a requested entity, for example a source
     #     file for a copy step, does not exist.
     #
-    #   * `PERMISSION_DENIED`\: occurs if your policy does not contain the
+    #   * `PERMISSION_DENIED`: occurs if your policy does not contain the
     #     correct permissions to complete one or more of the steps in the
     #     workflow.
     #
-    #   * `TIMEOUT`\: occurs when the execution times out.
+    #   * `TIMEOUT`: occurs when the execution times out.
     #
     #     <note markdown="1"> You can set the `TimeoutSeconds` for a custom step, anywhere from
     #     1 second to 1800 seconds (30 minutes).
     #
     #      </note>
     #
-    #   * `THROTTLED`\: occurs if you exceed the new execution refill rate
-    #     of one workflow per second.
+    #   * `THROTTLED`: occurs if you exceed the new execution refill rate of
+    #     one workflow per second.
     #   @return [String]
     #
     # @!attribute [rw] message
@@ -2857,8 +2891,9 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] invocation_role
-    #   Provides the type of `InvocationRole` used to authenticate the user
-    #   account.
+    #   This parameter is only applicable if your `IdentityProviderType` is
+    #   `API_GATEWAY`. Provides the type of `InvocationRole` used to
+    #   authenticate the user account.
     #   @return [String]
     #
     # @!attribute [rw] directory_id
@@ -2867,7 +2902,26 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] function
-    #   The ARN for a lambda function to use for the Identity provider.
+    #   The ARN for a Lambda function to use for the Identity provider.
+    #   @return [String]
+    #
+    # @!attribute [rw] sftp_authentication_methods
+    #   For SFTP-enabled servers, and for custom identity providers *only*,
+    #   you can specify whether to authenticate using a password, SSH key
+    #   pair, or both.
+    #
+    #   * `PASSWORD` - users must provide their password to connect.
+    #
+    #   * `PUBLIC_KEY` - users must provide their private key to connect.
+    #
+    #   * `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either
+    #     their password or their key. This is the default value.
+    #
+    #   * `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private
+    #     key and their password to connect. The server checks the key
+    #     first, and then if the key is valid, the system prompts for a
+    #     password. If the private key provided does not match the public
+    #     key that is stored, authentication fails.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/IdentityProviderDetails AWS API Documentation
@@ -2876,7 +2930,8 @@ module Aws::Transfer
       :url,
       :invocation_role,
       :directory_id,
-      :function)
+      :function,
+      :sftp_authentication_methods)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3014,7 +3069,7 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   The name of the user account that is assigned to one or more
+    #   The name of the Transfer Family user that is assigned to one or more
     #   servers.
     #   @return [String]
     #
@@ -3302,7 +3357,7 @@ module Aws::Transfer
     #
     #   This is useful for pagination, for instance. If you have 100
     #   executions for a workflow, you might only want to list first 10. If
-    #   so, call the API by specifying the `max-results`\:
+    #   so, call the API by specifying the `max-results`:
     #
     #   `aws transfer list-executions --max-results 10`
     #
@@ -3343,19 +3398,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] executions
-    #   Returns the details for each execution.
-    #
-    #   * **NextToken**\: returned from a call to several APIs, you can use
-    #     pass it to a subsequent command to continue listing additional
-    #     executions.
-    #
-    #   * **StartTime**\: timestamp indicating when the execution began.
-    #
-    #   * **Executions**\: details of the execution, including the execution
-    #     ID, initial file location, and Service metadata.
-    #
-    #   * **Status**\: one of the following values: `IN_PROGRESS`,
-    #     `COMPLETED`, `EXCEPTION`, `HANDLING_EXEPTION`.
+    #   Returns the details for each execution, in a `ListedExecution`
+    #   array.
     #   @return [Array<Types::ListedExecution>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListExecutionsResponse AWS API Documentation
@@ -3638,8 +3682,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] users
-    #   Returns the user accounts and their properties for the `ServerId`
-    #   value that you specify.
+    #   Returns the Transfer Family users and their properties for the
+    #   `ServerId` value that you specify.
     #   @return [Array<Types::ListedUser>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListUsersResponse AWS API Documentation
@@ -4038,7 +4082,7 @@ module Aws::Transfer
     #
     #   Use the `AWS_LAMBDA` value to directly use an Lambda function as
     #   your identity provider. If you choose this value, you must specify
-    #   the ARN for the Lambda function in the `Function` parameter or the
+    #   the ARN for the Lambda function in the `Function` parameter for the
     #   `IdentityProviderDetails` data type.
     #   @return [String]
     #
@@ -4292,15 +4336,15 @@ module Aws::Transfer
     #   `TlsSessionResumptionMode` value is not specified during
     #   `CreateServer`, it is set to `ENFORCED` by default.
     #
-    #   * `DISABLED`\: the server does not process TLS session resumption
+    #   * `DISABLED`: the server does not process TLS session resumption
     #     client requests and creates a new TLS session for each request.
     #
-    #   * `ENABLED`\: the server processes and accepts clients that are
+    #   * `ENABLED`: the server processes and accepts clients that are
     #     performing TLS session resumption. The server doesn't reject
     #     client data connections that do not perform the TLS session
     #     resumption client processing.
     #
-    #   * `ENFORCED`\: the server processes and accepts clients that are
+    #   * `ENFORCED`: the server processes and accepts clients that are
     #     performing TLS session resumption. The server rejects client data
     #     connections that do not perform the TLS session resumption client
     #     processing. Before you set the value to `ENFORCED`, test your
@@ -4448,7 +4492,7 @@ module Aws::Transfer
     # For example, if your path is `shared-files/bob/`, your uploaded files
     # are copied to the `shared-files/bob/`, folder. If your path is
     # `shared-files/today`, each uploaded file is copied to the
-    # `shared-files` folder and named `today`\: each upload overwrites the
+    # `shared-files` folder and named `today`: each upload overwrites the
     # previous version of the *bob* file.
     #
     # @!attribute [rw] bucket
@@ -4552,15 +4596,15 @@ module Aws::Transfer
     end
 
     # Provides information about the public Secure Shell (SSH) key that is
-    # associated with a user account for the specific file transfer
+    # associated with a Transfer Family user for the specific file transfer
     # protocol-enabled server (as identified by `ServerId`). The information
     # returned includes the date the key was imported, the public key
     # contents, and the public key ID. A user can store more than one SSH
     # public key associated with their user name on a specific server.
     #
     # @!attribute [rw] date_imported
-    #   Specifies the date that the public key was added to the user
-    #   account.
+    #   Specifies the date that the public key was added to the Transfer
+    #   Family user.
     #   @return [Time]
     #
     # @!attribute [rw] ssh_public_key_body
@@ -4672,8 +4716,8 @@ module Aws::Transfer
     #
     # @!attribute [rw] tags
     #   Key-value pairs assigned to ARNs that you can use to group and
-    #   search for resources by type. You can attach this metadata to user
-    #   accounts for any purpose.
+    #   search for resources by type. You can attach this metadata to
+    #   resources (servers, users, workflows, and so on) for any purpose.
     #   @return [Array<Types::Tag>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/TagResourceRequest AWS API Documentation
@@ -4736,18 +4780,20 @@ module Aws::Transfer
     #   * File Transfer Protocol Secure (FTPS)
     #
     #   * File Transfer Protocol (FTP)
+    #
+    #   * Applicability Statement 2 (AS2)
     #   @return [String]
     #
     # @!attribute [rw] source_ip
-    #   The source IP address of the user account to be tested.
+    #   The source IP address of the account to be tested.
     #   @return [String]
     #
     # @!attribute [rw] user_name
-    #   The name of the user account to be tested.
+    #   The name of the account to be tested.
     #   @return [String]
     #
     # @!attribute [rw] user_password
-    #   The password of the user account to be tested.
+    #   The password of the account to be tested.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/TestIdentityProviderRequest AWS API Documentation
@@ -4763,11 +4809,13 @@ module Aws::Transfer
     end
 
     # @!attribute [rw] response
-    #   The response that is returned from your API Gateway.
+    #   The response that is returned from your API Gateway or your Lambda
+    #   function.
     #   @return [String]
     #
     # @!attribute [rw] status_code
-    #   The HTTP status code that is the response from your API Gateway.
+    #   The HTTP status code that is the response from your API Gateway or
+    #   your Lambda function.
     #   @return [Integer]
     #
     # @!attribute [rw] message
@@ -5452,7 +5500,7 @@ module Aws::Transfer
     #
     # @!attribute [rw] server_id
     #   A system-assigned unique identifier for a server instance that the
-    #   user account is assigned to.
+    #   Transfer Family user is assigned to.
     #   @return [String]
     #
     # @!attribute [rw] workflow_details
@@ -5462,8 +5510,8 @@ module Aws::Transfer
     #   In addition to a workflow to execute when a file is uploaded
     #   completely, `WorkflowDetails` can also contain a workflow ID (and
     #   execution role) for a workflow to execute on partial upload. A
-    #   partial upload occurs when a file is open when the session
-    #   disconnects.
+    #   partial upload occurs when the server session disconnects while the
+    #   file is still being uploaded.
     #
     #   To remove an associated workflow from a server, you can provide an
     #   empty `OnUpload` object, as in the following example.
@@ -5493,8 +5541,8 @@ module Aws::Transfer
     end
 
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a server that the user
-    #   account is assigned to.
+    #   A system-assigned unique identifier for a server that the Transfer
+    #   Family user is assigned to.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateServerResponse AWS API Documentation
@@ -5599,8 +5647,8 @@ module Aws::Transfer
     #   @return [String]
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a server instance that the
-    #   user account is assigned to.
+    #   A system-assigned unique identifier for a Transfer Family server
+    #   instance that the user is assigned to.
     #   @return [String]
     #
     # @!attribute [rw] user_name
@@ -5631,8 +5679,8 @@ module Aws::Transfer
     # request to update a user's properties.
     #
     # @!attribute [rw] server_id
-    #   A system-assigned unique identifier for a server instance that the
-    #   user account is assigned to.
+    #   A system-assigned unique identifier for a Transfer Family server
+    #   instance that the account is assigned to.
     #   @return [String]
     #
     # @!attribute [rw] user_name
@@ -5652,8 +5700,8 @@ module Aws::Transfer
     # Specifies the user name, server ID, and session ID for a workflow.
     #
     # @!attribute [rw] user_name
-    #   A unique string that identifies a user account associated with a
-    #   server.
+    #   A unique string that identifies a Transfer Family user associated
+    #   with a server.
     #   @return [String]
     #
     # @!attribute [rw] server_id
@@ -5682,7 +5730,8 @@ module Aws::Transfer
     # In addition to a workflow to execute when a file is uploaded
     # completely, `WorkflowDetails` can also contain a workflow ID (and
     # execution role) for a workflow to execute on partial upload. A partial
-    # upload occurs when a file is open when the session disconnects.
+    # upload occurs when the server session disconnects while the file is
+    # still being uploaded.
     #
     # @!attribute [rw] workflow_id
     #   A unique identifier for the workflow.

data/lib/aws-sdk-transfer.rb

@@ -53,6 +53,6 @@ require_relative 'aws-sdk-transfer/customizations'
 # @!group service
 module Aws::Transfer
 
-  GEM_VERSION = '1.67.0'
+  GEM_VERSION = '1.68.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-transfer
 version: !ruby/object:Gem::Version
-  version: 1.67.0
+  version: 1.68.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-02-07 00:00:00.000000000 Z
+date: 2023-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core