lib/aws-sdk-transfer/client.rb in aws-sdk-transfer-1.56.0 vs lib/aws-sdk-transfer/client.rb in aws-sdk-transfer-1.57.0

- old
+ new

@@ -361,40 +361,40 @@ # @!group API Operations # Used by administrators to choose which groups in the directory should # have access to upload and download files over the enabled protocols - # using Amazon Web Services Transfer Family. For example, a Microsoft - # Active Directory might contain 50,000 users, but only a small fraction - # might need the ability to transfer files to the server. An - # administrator can use `CreateAccess` to limit the access to the - # correct set of users who need this ability. + # using Transfer Family. For example, a Microsoft Active Directory might + # contain 50,000 users, but only a small fraction might need the ability + # to transfer files to the server. An administrator can use + # `CreateAccess` to limit the access to the correct set of users who + # need this ability. # # @option params [String] :home_directory # The landing directory (folder) for a user when they log in to the # server using the client. # # A `HomeDirectory` example is `/bucket_name/home/mydirectory`. # # @option params [String] :home_directory_type - # The type of landing directory (folder) you want your users' home - # directory to be when they log into the server. If you set it to + # The type of landing directory (folder) that you want your users' home + # directory to be when they log in to the server. If you set it to # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths # as is in their file transfer protocol clients. If you set it # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings` - # for how you want to make Amazon S3 or EFS paths visible to your users. + # for how you want to make Amazon S3 or Amazon EFS paths visible to your + # users. # # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings # Logical directory mappings that specify what Amazon S3 or Amazon EFS # paths and keys should be visible to your user and how you want to make # them visible. You must specify the `Entry` and `Target` pair, where # `Entry` shows how the path is made visible and `Target` is the actual # Amazon S3 or Amazon EFS path. If you only specify a target, it is - # displayed as is. You also must ensure that your Amazon Web Services - # Identity and Access Management (IAM) role provides access to paths in - # `Target`. This value can only be set when `HomeDirectoryType` is set - # to *LOGICAL*. + # displayed as is. You also must ensure that your Identity and Access + # Management (IAM) role provides access to paths in `Target`. This value + # can be set only when `HomeDirectoryType` is set to *LOGICAL*. # # The following is an `Entry` and `Target` pair example. # # `[ \{ "Entry": "/directory1", "Target": # "/bucket_name/home/mydirectory" \} ]` @@ -407,28 +407,28 @@ # The following is an `Entry` and `Target` pair example for `chroot`. # # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]` # # @option params [String] :policy - # A session policy for your user so that you can use the same IAM role - # across multiple users. This policy scopes down user access to portions - # of their Amazon S3 bucket. Variables that you can use inside this - # policy include `$\{Transfer:UserName\}`, - # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`. + # A session policy for your user so that you can use the same Identity + # and Access Management (IAM) role across multiple users. This policy + # scopes down a user's access to portions of their Amazon S3 bucket. + # Variables that you can use inside this policy include + # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and + # `$\{Transfer:HomeBucket\}`. # - # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not - # use session policies. + # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3. + # Amazon EFS does not use session policies. # - # For session policies, Amazon Web Services Transfer Family stores the - # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of - # the policy. You save the policy as a JSON blob and pass it in the - # `Policy` argument. + # For session policies, Transfer Family stores the policy as a JSON + # blob, instead of the Amazon Resource Name (ARN) of the policy. You + # save the policy as a JSON blob and pass it in the `Policy` argument. # # For an example of a session policy, see [Example session policy][1]. # - # For more information, see [AssumeRole][2] in the *Amazon Web Services - # Security Token Service API Reference*. + # For more information, see [AssumeRole][2] in the *Security Token + # Service API Reference*. # # </note> # # # @@ -442,40 +442,41 @@ # that are set on files and directories in your file system determine # the level of access your users get when transferring files into and # out of your Amazon EFS file systems. # # @option params [required, String] :role - # Specifies the Amazon Resource Name (ARN) of the IAM role that controls - # your users' access to your Amazon S3 bucket or EFS file system. The - # policies attached to this role determine the level of access that you - # want to provide your users when transferring files into and out of - # your Amazon S3 bucket or EFS file system. The IAM role should also - # contain a trust relationship that allows the server to access your - # resources when servicing your users' transfer requests. + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that controls your users' access to your Amazon S3 bucket + # or Amazon EFS file system. The policies attached to this role + # determine the level of access that you want to provide your users when + # transferring files into and out of your Amazon S3 bucket or Amazon EFS + # file system. The IAM role should also contain a trust relationship + # that allows the server to access your resources when servicing your + # users' transfer requests. # # @option params [required, String] :server_id # A system-assigned unique identifier for a server instance. This is the # specific server that you added your user to. # # @option params [required, String] :external_id # A unique identifier that is required to identify specific groups # within your directory. The users of the group that you associate have # access to your Amazon S3 or Amazon EFS resources over the enabled - # protocols using Amazon Web Services Transfer Family. If you know the - # group name, you can view the SID values by running the following - # command using Windows PowerShell. + # protocols using Transfer Family. If you know the group name, you can + # view the SID values by running the following command using Windows + # PowerShell. # # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\} # -Properties * | Select SamAccountName,ObjectSid` # # In that command, replace *YourGroupName* with the name of your Active # Directory group. # - # The regex used to validate this parameter is a string of characters - # consisting of uppercase and lowercase alphanumeric characters with no - # spaces. You can also include underscores or any of the following - # characters: =,.@:/- + # The regular expression used to validate this parameter is a string of + # characters consisting of uppercase and lowercase alphanumeric + # characters with no spaces. You can also include underscores or any of + # the following characters: =,.@:/- # # @return [Types::CreateAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CreateAccessResponse#server_id #server_id} => String # * {Types::CreateAccessResponse#external_id #external_id} => String @@ -514,31 +515,237 @@ def create_access(params = {}, options = {}) req = build_request(:create_access, params) req.send_request(options) end + # Creates an agreement. An agreement is a bilateral trading partner + # agreement, or partnership, between an Transfer Family server and an + # AS2 process. The agreement defines the file and message transfer + # relationship between the server and the AS2 process. To define an + # agreement, Transfer Family combines a server, local profile, partner + # profile, certificate, and other attributes. + # + # The partner is identified with the `PartnerProfileId`, and the AS2 + # process is identified with the `LocalProfileId`. + # + # @option params [String] :description + # A name or short description to identify the agreement. + # + # @option params [required, String] :server_id + # A system-assigned unique identifier for a server instance. This is the + # specific server that the agreement uses. + # + # @option params [required, String] :local_profile_id + # A unique identifier for the AS2 local profile. + # + # @option params [required, String] :partner_profile_id + # A unique identifier for the partner profile used in the agreement. + # + # @option params [required, String] :base_directory + # The landing directory (folder) for files transferred by using the AS2 + # protocol. + # + # A `BaseDirectory` example is `/DOC-EXAMPLE-BUCKET/home/mydirectory `. + # + # @option params [required, String] :access_role + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that grants access to at least the `HomeDirectory` of your + # users' Amazon S3 buckets. + # + # @option params [String] :status + # The status of the agreement. The agreement can be either `ACTIVE` or + # `INACTIVE`. + # + # @option params [Array<Types::Tag>] :tags + # Key-value pairs that can be used to group and search for agreements. + # + # @return [Types::CreateAgreementResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CreateAgreementResponse#agreement_id #agreement_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.create_agreement({ + # description: "Description", + # server_id: "ServerId", # required + # local_profile_id: "ProfileId", # required + # partner_profile_id: "ProfileId", # required + # base_directory: "HomeDirectory", # required + # access_role: "Role", # required + # status: "ACTIVE", # accepts ACTIVE, INACTIVE + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @example Response structure + # + # resp.agreement_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateAgreement AWS API Documentation + # + # @overload create_agreement(params = {}) + # @param [Hash] params ({}) + def create_agreement(params = {}, options = {}) + req = build_request(:create_agreement, params) + req.send_request(options) + end + + # Creates the connector, which captures the parameters for an outbound + # connection for the AS2 protocol. The connector is required for sending + # files from a customer's non Amazon Web Services server. + # + # @option params [required, String] :url + # The URL of the partner's AS2 endpoint. + # + # @option params [required, Types::As2ConnectorConfig] :as_2_config + # A structure that contains the parameters for a connector object. + # + # @option params [required, String] :access_role + # With AS2, you can send files by calling `StartFileTransfer` and + # specifying the file paths in the request parameter, `SendFilePaths`. + # We use the file’s parent directory (for example, for + # `--send-file-paths /bucket/dir/file.txt`, parent directory is + # `/bucket/dir/`) to temporarily store a processed AS2 message file, + # store the MDN when we receive them from the partner, and write a final + # JSON file containing relevant metadata of the transmission. So, the + # `AccessRole` needs to provide read and write access to the parent + # directory of the file location used in the `StartFileTransfer` + # request. Additionally, you need to provide read and write access to + # the parent directory of the files that you intend to send with + # `StartFileTransfer`. + # + # @option params [String] :logging_role + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that allows a connector to turn on CloudWatch logging for + # Amazon S3 events. When set, you can view connector activity in your + # CloudWatch logs. + # + # @option params [Array<Types::Tag>] :tags + # Key-value pairs that can be used to group and search for connectors. + # Tags are metadata attached to connectors for any purpose. + # + # @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CreateConnectorResponse#connector_id #connector_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.create_connector({ + # url: "Url", # required + # as_2_config: { # required + # local_profile_id: "ProfileId", + # partner_profile_id: "ProfileId", + # message_subject: "MessageSubject", + # compression: "ZLIB", # accepts ZLIB, DISABLED + # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC + # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE + # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT + # mdn_response: "SYNC", # accepts SYNC, NONE + # }, + # access_role: "Role", # required + # logging_role: "Role", + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @example Response structure + # + # resp.connector_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateConnector AWS API Documentation + # + # @overload create_connector(params = {}) + # @param [Hash] params ({}) + def create_connector(params = {}, options = {}) + req = build_request(:create_connector, params) + req.send_request(options) + end + + # Creates the profile for the AS2 process. The agreement is between the + # partner and the AS2 process. + # + # @option params [required, String] :as_2_id + # The `As2Id` is the *AS2-name*, as defined in the defined in the [RFC + # 4130][1]. For inbound transfers, this is the `AS2-From` header for the + # AS2 messages sent from the partner. For outbound connectors, this is + # the `AS2-To` header for the AS2 messages sent to the partner using the + # `StartFileTransfer` API operation. This ID cannot include spaces. + # + # + # + # [1]: https://datatracker.ietf.org/doc/html/rfc4130 + # + # @option params [required, String] :profile_type + # Indicates whether to list only `LOCAL` type profiles or only `PARTNER` + # type profiles. If not supplied in the request, the command lists all + # types of profiles. + # + # @option params [Array<String>] :certificate_ids + # An array of identifiers for the imported certificates. You use this + # identifier for working with profiles and partner profiles. + # + # @option params [Array<Types::Tag>] :tags + # Key-value pairs that can be used to group and search for AS2 profiles. + # + # @return [Types::CreateProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CreateProfileResponse#profile_id #profile_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.create_profile({ + # as_2_id: "As2Id", # required + # profile_type: "LOCAL", # required, accepts LOCAL, PARTNER + # certificate_ids: ["CertificateId"], + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @example Response structure + # + # resp.profile_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateProfile AWS API Documentation + # + # @overload create_profile(params = {}) + # @param [Hash] params ({}) + def create_profile(params = {}, options = {}) + req = build_request(:create_profile, params) + req.send_request(options) + end + # Instantiates an auto-scaling virtual server based on the selected file # transfer protocol in Amazon Web Services. When you make updates to # your file transfer protocol-enabled server or when you work with # users, use the service-generated `ServerId` property that is assigned # to the newly created server. # # @option params [String] :certificate - # The Amazon Resource Name (ARN) of the Amazon Web Services Certificate - # Manager (ACM) certificate. Required when `Protocols` is set to `FTPS`. + # The Amazon Resource Name (ARN) of the Certificate Manager (ACM) + # certificate. Required when `Protocols` is set to `FTPS`. # # To request a new public certificate, see [Request a public - # certificate][1] in the <i> Amazon Web Services Certificate Manager - # User Guide</i>. + # certificate][1] in the *Certificate Manager User Guide*. # # To import an existing certificate into ACM, see [Importing - # certificates into ACM][2] in the <i> Amazon Web Services Certificate - # Manager User Guide</i>. + # certificates into ACM][2] in the *Certificate Manager User Guide*. # # To request a private certificate to use FTPS through private IP - # addresses, see [Request a private certificate][3] in the <i> Amazon - # Web Services Certificate Manager User Guide</i>. + # addresses, see [Request a private certificate][3] in the *Certificate + # Manager User Guide*. # # Certificates with the following cryptographic algorithms and key sizes # are supported: # # * 2048-bit RSA (RSA\_2048) @@ -573,14 +780,14 @@ # </note> # # @option params [Types::EndpointDetails] :endpoint_details # The virtual private cloud (VPC) endpoint settings that are configured # for your server. When you host your endpoint within your VPC, you can - # make it accessible only to resources within your VPC, or you can - # attach Elastic IP addresses and make it accessible to clients over the - # internet. Your VPC's default security groups are automatically - # assigned to your endpoint. + # make your endpoint accessible only to resources within your VPC, or + # you can attach Elastic IP addresses and make your endpoint accessible + # to clients over the internet. Your VPC's default security groups are + # automatically assigned to your endpoint. # # @option params [String] :endpoint_type # The type of endpoint that you want your server to use. You can choose # to make your server's endpoint publicly accessible (PUBLIC) or host # it inside your VPC. With an endpoint that is hosted in a VPC, you can @@ -613,12 +820,12 @@ # Use the following command to generate an RSA 2048 bit key with no # passphrase: # # `ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key`. # - # Use a minimum value of 2048 for the `-b` option: you can create a - # stronger key using 3072 or 4096. + # Use a minimum value of 2048 for the `-b` option. You can create a + # stronger key by using 3072 or 4096. # # Use the following command to generate an ECDSA 256 bit key with no # passphrase: # # `ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key`. @@ -636,11 +843,11 @@ # If you aren't planning to migrate existing users from an existing # SFTP-enabled server to a new server, don't update the host key. # Accidentally changing a server's host key can be disruptive. # # For more information, see [Change the host key for your SFTP-enabled - # server][1] in the *Amazon Web Services Transfer Family User Guide*. + # server][1] in the *Transfer Family User Guide*. # # # # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key # @@ -650,49 +857,50 @@ # required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a # customer-supplied authentication API, including the API Gateway URL. # Not required when `IdentityProviderType` is set to `SERVICE_MANAGED`. # # @option params [String] :identity_provider_type - # Specifies the mode of authentication for a server. The default value - # is `SERVICE_MANAGED`, which allows you to store and access user - # credentials within the Amazon Web Services Transfer Family service. + # The mode of authentication for a server. The default value is + # `SERVICE_MANAGED`, which allows you to store and access user + # credentials within the Transfer Family service. # # Use `AWS_DIRECTORY_SERVICE` to provide access to Active Directory - # groups in Amazon Web Services Managed Active Directory or Microsoft - # Active Directory in your on-premises environment or in Amazon Web - # Services using AD Connectors. This option also requires you to provide - # a Directory ID using the `IdentityProviderDetails` parameter. + # groups in Directory Service for Microsoft Active Directory or + # Microsoft Active Directory in your on-premises environment or in + # Amazon Web Services using AD Connector. This option also requires you + # to provide a Directory ID by using the `IdentityProviderDetails` + # parameter. # # Use the `API_GATEWAY` value to integrate with an identity provider of # your choosing. The `API_GATEWAY` setting requires you to provide an - # API Gateway endpoint URL to call for authentication using the - # `IdentityProviderDetails` parameter. + # Amazon API Gateway endpoint URL to call for authentication by using + # the `IdentityProviderDetails` parameter. # - # Use the `AWS_LAMBDA` value to directly use a Lambda function as your + # Use the `AWS_LAMBDA` value to directly use an Lambda function as your # identity provider. If you choose this value, you must specify the ARN - # for the lambda function in the `Function` parameter for the + # for the Lambda function in the `Function` parameter or the # `IdentityProviderDetails` data type. # # @option params [String] :logging_role - # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services - # Identity and Access Management (IAM) role that allows a server to turn - # on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When - # set, user activity can be viewed in your CloudWatch logs. + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that allows a server to turn on Amazon CloudWatch logging + # for Amazon S3 or Amazon EFSevents. When set, you can view user + # activity in your CloudWatch logs. # # @option params [String] :post_authentication_login_banner - # Specify a string to display when users connect to a server. This + # Specifies a string to display when users connect to a server. This # string is displayed after the user authenticates. # # <note markdown="1"> The SFTP protocol does not support post-authentication display # banners. # # </note> # # @option params [String] :pre_authentication_login_banner - # Specify a string to display when users connect to a server. This + # Specifies a string to display when users connect to a server. This # string is displayed before the user authenticates. For example, the - # following banner displays details about using the system. + # following banner displays details about using the system: # # `This system is for the use of authorized users only. Individuals # using this computer system without authority, or in excess of their # authority, are subject to having all of their activities on this # system monitored and recorded by system personnel.` @@ -708,57 +916,67 @@ # * `FTPS` (File Transfer Protocol Secure): File transfer with TLS # encryption # # * `FTP` (File Transfer Protocol): Unencrypted file transfer # - # <note markdown="1"> If you select `FTPS`, you must choose a certificate stored in Amazon - # Web Services Certificate Manager (ACM) which is used to identify your - # server when clients connect to it over FTPS. + # * `AS2` (Applicability Statement 2): used for transporting structured + # business-to-business data # - # If `Protocol` includes either `FTP` or `FTPS`, then the `EndpointType` - # must be `VPC` and the `IdentityProviderType` must be - # `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`. + # <note markdown="1"> * If you select `FTPS`, you must choose a certificate stored in + # Certificate Manager (ACM) which is used to identify your server when + # clients connect to it over FTPS. # - # If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be - # associated. + # * If `Protocol` includes either `FTP` or `FTPS`, then the + # `EndpointType` must be `VPC` and the `IdentityProviderType` must be + # `AWS_DIRECTORY_SERVICE` or `API_GATEWAY`. # - # If `Protocol` is set only to `SFTP`, the `EndpointType` can be set to - # `PUBLIC` and the `IdentityProviderType` can be set to - # `SERVICE_MANAGED`. + # * If `Protocol` includes `FTP`, then `AddressAllocationIds` cannot be + # associated. # + # * If `Protocol` is set only to `SFTP`, the `EndpointType` can be set + # to `PUBLIC` and the `IdentityProviderType` can be set to + # `SERVICE_MANAGED`. + # + # * If `Protocol` includes `AS2`, then the `EndpointType` must be `VPC`, + # and domain must be Amazon S3. + # # </note> # # @option params [Types::ProtocolDetails] :protocol_details # The protocol settings that are configured for your server. # - # * Use the `PassiveIp` parameter to indicate passive mode (for FTP and - # FTPS protocols). Enter a single dotted-quad IPv4 address, such as - # the external IP address of a firewall, router, or load balancer. + # * To indicate passive mode (for FTP and FTPS protocols), use the + # `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such + # as the external IP address of a firewall, router, or load balancer. # - # * Use the `SetStatOption` to ignore the error that is generated when - # the client attempts to use SETSTAT on a file you are uploading to an - # S3 bucket. Set the value to `ENABLE_NO_OP` to have the Transfer - # Family server ignore the SETSTAT command, and upload files without - # needing to make any changes to your SFTP client. Note that with - # `SetStatOption` set to `ENABLE_NO_OP`, Transfer generates a log - # entry to CloudWatch Logs, so you can determine when the client is - # making a SETSTAT call. + # * To ignore the error that is generated when the client attempts to + # use the `SETSTAT` command on a file that you are uploading to an + # Amazon S3 bucket, use the `SetStatOption` parameter. To have the + # Transfer Family server ignore the `SETSTAT` command and upload files + # without needing to make any changes to your SFTP client, set the + # value to `ENABLE_NO_OP`. If you set the `SetStatOption` parameter to + # `ENABLE_NO_OP`, Transfer Family generates a log entry to Amazon + # CloudWatch Logs, so that you can determine when the client is making + # a `SETSTAT` call. # - # * Use the `TlsSessionResumptionMode` parameter to determine whether or - # not your Transfer server resumes recent, negotiated sessions through - # a unique session ID. + # * To determine whether your Transfer Family server resumes recent, + # negotiated sessions through a unique session ID, use the + # `TlsSessionResumptionMode` parameter. # + # * `As2Transports` indicates the transport method for the AS2 messages. + # Currently, only HTTP is supported. + # # @option params [String] :security_policy_name # Specifies the name of the security policy that is attached to the # server. # # @option params [Array<Types::Tag>] :tags # Key-value pairs that can be used to group and search for servers. # # @option params [Types::WorkflowDetails] :workflow_details # Specifies the workflow ID for the workflow to assign and the execution - # role used for executing the workflow. + # role that's used for executing the workflow. # # @return [Types::CreateServerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CreateServerResponse#server_id #server_id} => String # @@ -784,15 +1002,16 @@ # }, # identity_provider_type: "SERVICE_MANAGED", # accepts SERVICE_MANAGED, API_GATEWAY, AWS_DIRECTORY_SERVICE, AWS_LAMBDA # logging_role: "Role", # post_authentication_login_banner: "PostAuthenticationLoginBanner", # pre_authentication_login_banner: "PreAuthenticationLoginBanner", - # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS + # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS, AS2 # protocol_details: { # passive_ip: "PassiveIp", # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP + # as_2_transports: ["HTTP"], # accepts HTTP # }, # security_policy_name: "SecurityPolicyName", # tags: [ # { # key: "TagKey", # required @@ -825,38 +1044,38 @@ # Creates a user and associates them with an existing file transfer # protocol-enabled server. You can only create and associate users with # servers that have the `IdentityProviderType` set to `SERVICE_MANAGED`. # Using parameters for `CreateUser`, you can specify the user name, set # the home directory, store the user's public key, and assign the - # user's Amazon Web Services Identity and Access Management (IAM) role. - # You can also optionally add a session policy, and assign metadata with - # tags that can be used to group and search for users. + # user's Identity and Access Management (IAM) role. You can also + # optionally add a session policy, and assign metadata with tags that + # can be used to group and search for users. # # @option params [String] :home_directory # The landing directory (folder) for a user when they log in to the # server using the client. # # A `HomeDirectory` example is `/bucket_name/home/mydirectory`. # # @option params [String] :home_directory_type - # The type of landing directory (folder) you want your users' home - # directory to be when they log into the server. If you set it to + # The type of landing directory (folder) that you want your users' home + # directory to be when they log in to the server. If you set it to # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths # as is in their file transfer protocol clients. If you set it # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings` - # for how you want to make Amazon S3 or EFS paths visible to your users. + # for how you want to make Amazon S3 or Amazon EFS paths visible to your + # users. # # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings # Logical directory mappings that specify what Amazon S3 or Amazon EFS # paths and keys should be visible to your user and how you want to make # them visible. You must specify the `Entry` and `Target` pair, where # `Entry` shows how the path is made visible and `Target` is the actual # Amazon S3 or Amazon EFS path. If you only specify a target, it is - # displayed as is. You also must ensure that your Amazon Web Services - # Identity and Access Management (IAM) role provides access to paths in - # `Target`. This value can only be set when `HomeDirectoryType` is set - # to *LOGICAL*. + # displayed as is. You also must ensure that your Identity and Access + # Management (IAM) role provides access to paths in `Target`. This value + # can be set only when `HomeDirectoryType` is set to *LOGICAL*. # # The following is an `Entry` and `Target` pair example. # # `[ \{ "Entry": "/directory1", "Target": # "/bucket_name/home/mydirectory" \} ]` @@ -869,23 +1088,23 @@ # The following is an `Entry` and `Target` pair example for `chroot`. # # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]` # # @option params [String] :policy - # A session policy for your user so that you can use the same IAM role - # across multiple users. This policy scopes down user access to portions - # of their Amazon S3 bucket. Variables that you can use inside this - # policy include `$\{Transfer:UserName\}`, - # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`. + # A session policy for your user so that you can use the same Identity + # and Access Management (IAM) role across multiple users. This policy + # scopes down a user's access to portions of their Amazon S3 bucket. + # Variables that you can use inside this policy include + # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and + # `$\{Transfer:HomeBucket\}`. # - # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not - # use session policies. + # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3. + # Amazon EFS does not use session policies. # - # For session policies, Amazon Web Services Transfer Family stores the - # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of - # the policy. You save the policy as a JSON blob and pass it in the - # `Policy` argument. + # For session policies, Transfer Family stores the policy as a JSON + # blob, instead of the Amazon Resource Name (ARN) of the policy. You + # save the policy as a JSON blob and pass it in the `Policy` argument. # # For an example of a session policy, see [Example session policy][1]. # # For more information, see [AssumeRole][2] in the *Amazon Web Services # Security Token Service API Reference*. @@ -904,17 +1123,18 @@ # permissions that are set on files and directories in Amazon EFS # determine the level of access your users get when transferring files # into and out of your Amazon EFS file systems. # # @option params [required, String] :role - # Specifies the Amazon Resource Name (ARN) of the IAM role that controls - # your users' access to your Amazon S3 bucket or EFS file system. The - # policies attached to this role determine the level of access that you - # want to provide your users when transferring files into and out of - # your Amazon S3 bucket or EFS file system. The IAM role should also - # contain a trust relationship that allows the server to access your - # resources when servicing your users' transfer requests. + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that controls your users' access to your Amazon S3 bucket + # or Amazon EFS file system. The policies attached to this role + # determine the level of access that you want to provide your users when + # transferring files into and out of your Amazon S3 bucket or Amazon EFS + # file system. The IAM role should also contain a trust relationship + # that allows the server to access your resources when servicing your + # users' transfer requests. # # @option params [required, String] :server_id # A system-assigned unique identifier for a server instance. This is the # specific server that you added your user to. # @@ -997,24 +1217,24 @@ # workflow. # # The `TYPE` specifies which of the following actions is being taken for # this step. # - # * *COPY*\: copy the file to another location + # * *COPY*\: Copy the file to another location. # - # * *CUSTOM*\: custom step with a lambda target + # * *CUSTOM*\: Perform a custom step with an Lambda function target. # - # * *DELETE*\: delete the file + # * *DELETE*\: Delete the file. # - # * *TAG*\: add a tag to the file + # * *TAG*\: Add a tag to the file. # # <note markdown="1"> Currently, copying and tagging are supported only on S3. # # </note> # # For file location, you specify either the S3 bucket and key, or the - # EFS filesystem ID and path. + # EFS file system ID and path. # # @option params [Array<Types::WorkflowStep>] :on_exception_steps # Specifies the steps (actions) to take if errors are encountered during # execution of the workflow. # @@ -1147,24 +1367,24 @@ # # @option params [required, String] :external_id # A unique identifier that is required to identify specific groups # within your directory. The users of the group that you associate have # access to your Amazon S3 or Amazon EFS resources over the enabled - # protocols using Amazon Web Services Transfer Family. If you know the - # group name, you can view the SID values by running the following - # command using Windows PowerShell. + # protocols using Transfer Family. If you know the group name, you can + # view the SID values by running the following command using Windows + # PowerShell. # # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\} # -Properties * | Select SamAccountName,ObjectSid` # # In that command, replace *YourGroupName* with the name of your Active # Directory group. # - # The regex used to validate this parameter is a string of characters - # consisting of uppercase and lowercase alphanumeric characters with no - # spaces. You can also include underscores or any of the following - # characters: =,.@:/- + # The regular expression used to validate this parameter is a string of + # characters consisting of uppercase and lowercase alphanumeric + # characters with no spaces. You can also include underscores or any of + # the following characters: =,.@:/- # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # # @example Request syntax with placeholder values # @@ -1180,10 +1400,104 @@ def delete_access(params = {}, options = {}) req = build_request(:delete_access, params) req.send_request(options) end + # Delete the agreement that's specified in the provided `AgreementId`. + # + # @option params [required, String] :agreement_id + # A unique identifier for the agreement. This identifier is returned + # when you create an agreement. + # + # @option params [required, String] :server_id + # The server ID associated with the agreement that you are deleting. + # + # @return [Struct] Returns an empty {Seahorse::Client::Response response}. + # + # @example Request syntax with placeholder values + # + # resp = client.delete_agreement({ + # agreement_id: "AgreementId", # required + # server_id: "ServerId", # required + # }) + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteAgreement AWS API Documentation + # + # @overload delete_agreement(params = {}) + # @param [Hash] params ({}) + def delete_agreement(params = {}, options = {}) + req = build_request(:delete_agreement, params) + req.send_request(options) + end + + # Deletes the certificate that's specified in the `CertificateId` + # parameter. + # + # @option params [required, String] :certificate_id + # The ID of the certificate object that you are deleting. + # + # @return [Struct] Returns an empty {Seahorse::Client::Response response}. + # + # @example Request syntax with placeholder values + # + # resp = client.delete_certificate({ + # certificate_id: "CertificateId", # required + # }) + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteCertificate AWS API Documentation + # + # @overload delete_certificate(params = {}) + # @param [Hash] params ({}) + def delete_certificate(params = {}, options = {}) + req = build_request(:delete_certificate, params) + req.send_request(options) + end + + # Deletes the agreement that's specified in the provided `ConnectorId`. + # + # @option params [required, String] :connector_id + # The unique identifier for the connector. + # + # @return [Struct] Returns an empty {Seahorse::Client::Response response}. + # + # @example Request syntax with placeholder values + # + # resp = client.delete_connector({ + # connector_id: "ConnectorId", # required + # }) + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteConnector AWS API Documentation + # + # @overload delete_connector(params = {}) + # @param [Hash] params ({}) + def delete_connector(params = {}, options = {}) + req = build_request(:delete_connector, params) + req.send_request(options) + end + + # Deletes the profile that's specified in the `ProfileId` parameter. + # + # @option params [required, String] :profile_id + # The ID of the profile that you are deleting. + # + # @return [Struct] Returns an empty {Seahorse::Client::Response response}. + # + # @example Request syntax with placeholder values + # + # resp = client.delete_profile({ + # profile_id: "ProfileId", # required + # }) + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteProfile AWS API Documentation + # + # @overload delete_profile(params = {}) + # @param [Hash] params ({}) + def delete_profile(params = {}, options = {}) + req = build_request(:delete_profile, params) + req.send_request(options) + end + # Deletes the file transfer protocol-enabled server that you specify. # # No response returns from this operation. # # @option params [required, String] :server_id @@ -1295,11 +1609,11 @@ req.send_request(options) end # Describes the access that is assigned to the specific file transfer # protocol-enabled server, as identified by its `ServerId` property and - # its `ExternalID`. + # its `ExternalId`. # # The response from this call returns the properties of the access that # is associated with the `ServerId` value that was specified. # # @option params [required, String] :server_id @@ -1308,24 +1622,24 @@ # # @option params [required, String] :external_id # A unique identifier that is required to identify specific groups # within your directory. The users of the group that you associate have # access to your Amazon S3 or Amazon EFS resources over the enabled - # protocols using Amazon Web Services Transfer Family. If you know the - # group name, you can view the SID values by running the following - # command using Windows PowerShell. + # protocols using Transfer Family. If you know the group name, you can + # view the SID values by running the following command using Windows + # PowerShell. # # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\} # -Properties * | Select SamAccountName,ObjectSid` # # In that command, replace *YourGroupName* with the name of your Active # Directory group. # - # The regex used to validate this parameter is a string of characters - # consisting of uppercase and lowercase alphanumeric characters with no - # spaces. You can also include underscores or any of the following - # characters: =,.@:/- + # The regular expression used to validate this parameter is a string of + # characters consisting of uppercase and lowercase alphanumeric + # characters with no spaces. You can also include underscores or any of + # the following characters: =,.@:/- # # @return [Types::DescribeAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeAccessResponse#server_id #server_id} => String # * {Types::DescribeAccessResponse#access #access} => Types::DescribedAccess @@ -1360,10 +1674,141 @@ def describe_access(params = {}, options = {}) req = build_request(:describe_access, params) req.send_request(options) end + # Describes the agreement that's identified by the `AgreementId`. + # + # @option params [required, String] :agreement_id + # A unique identifier for the agreement. This identifier is returned + # when you create an agreement. + # + # @option params [required, String] :server_id + # The server ID that's associated with the agreement. + # + # @return [Types::DescribeAgreementResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::DescribeAgreementResponse#agreement #agreement} => Types::DescribedAgreement + # + # @example Request syntax with placeholder values + # + # resp = client.describe_agreement({ + # agreement_id: "AgreementId", # required + # server_id: "ServerId", # required + # }) + # + # @example Response structure + # + # resp.agreement.arn #=> String + # resp.agreement.agreement_id #=> String + # resp.agreement.description #=> String + # resp.agreement.status #=> String, one of "ACTIVE", "INACTIVE" + # resp.agreement.server_id #=> String + # resp.agreement.local_profile_id #=> String + # resp.agreement.partner_profile_id #=> String + # resp.agreement.base_directory #=> String + # resp.agreement.access_role #=> String + # resp.agreement.tags #=> Array + # resp.agreement.tags[0].key #=> String + # resp.agreement.tags[0].value #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeAgreement AWS API Documentation + # + # @overload describe_agreement(params = {}) + # @param [Hash] params ({}) + def describe_agreement(params = {}, options = {}) + req = build_request(:describe_agreement, params) + req.send_request(options) + end + + # Describes the certificate that's identified by the `CertificateId`. + # + # @option params [required, String] :certificate_id + # An array of identifiers for the imported certificates. You use this + # identifier for working with profiles and partner profiles. + # + # @return [Types::DescribeCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::DescribeCertificateResponse#certificate #certificate} => Types::DescribedCertificate + # + # @example Request syntax with placeholder values + # + # resp = client.describe_certificate({ + # certificate_id: "CertificateId", # required + # }) + # + # @example Response structure + # + # resp.certificate.arn #=> String + # resp.certificate.certificate_id #=> String + # resp.certificate.usage #=> String, one of "SIGNING", "ENCRYPTION" + # resp.certificate.status #=> String, one of "ACTIVE", "PENDING_ROTATION", "INACTIVE" + # resp.certificate.certificate #=> String + # resp.certificate.certificate_chain #=> String + # resp.certificate.active_date #=> Time + # resp.certificate.inactive_date #=> Time + # resp.certificate.serial #=> String + # resp.certificate.not_before_date #=> Time + # resp.certificate.not_after_date #=> Time + # resp.certificate.type #=> String, one of "CERTIFICATE", "CERTIFICATE_WITH_PRIVATE_KEY" + # resp.certificate.description #=> String + # resp.certificate.tags #=> Array + # resp.certificate.tags[0].key #=> String + # resp.certificate.tags[0].value #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeCertificate AWS API Documentation + # + # @overload describe_certificate(params = {}) + # @param [Hash] params ({}) + def describe_certificate(params = {}, options = {}) + req = build_request(:describe_certificate, params) + req.send_request(options) + end + + # Describes the connector that's identified by the `ConnectorId.` + # + # @option params [required, String] :connector_id + # The unique identifier for the connector. + # + # @return [Types::DescribeConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::DescribeConnectorResponse#connector #connector} => Types::DescribedConnector + # + # @example Request syntax with placeholder values + # + # resp = client.describe_connector({ + # connector_id: "ConnectorId", # required + # }) + # + # @example Response structure + # + # resp.connector.arn #=> String + # resp.connector.connector_id #=> String + # resp.connector.url #=> String + # resp.connector.as_2_config.local_profile_id #=> String + # resp.connector.as_2_config.partner_profile_id #=> String + # resp.connector.as_2_config.message_subject #=> String + # resp.connector.as_2_config.compression #=> String, one of "ZLIB", "DISABLED" + # resp.connector.as_2_config.encryption_algorithm #=> String, one of "AES128_CBC", "AES192_CBC", "AES256_CBC" + # resp.connector.as_2_config.signing_algorithm #=> String, one of "SHA256", "SHA384", "SHA512", "SHA1", "NONE" + # resp.connector.as_2_config.mdn_signing_algorithm #=> String, one of "SHA256", "SHA384", "SHA512", "SHA1", "NONE", "DEFAULT" + # resp.connector.as_2_config.mdn_response #=> String, one of "SYNC", "NONE" + # resp.connector.access_role #=> String + # resp.connector.logging_role #=> String + # resp.connector.tags #=> Array + # resp.connector.tags[0].key #=> String + # resp.connector.tags[0].value #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeConnector AWS API Documentation + # + # @overload describe_connector(params = {}) + # @param [Hash] params ({}) + def describe_connector(params = {}, options = {}) + req = build_request(:describe_connector, params) + req.send_request(options) + end + # You can use `DescribeExecution` to check the details of the execution # of the specified workflow. # # @option params [required, String] :execution_id # A unique identifier for the execution of a workflow. @@ -1422,10 +1867,47 @@ def describe_execution(params = {}, options = {}) req = build_request(:describe_execution, params) req.send_request(options) end + # Returns the details of the profile that's specified by the + # `ProfileId`. + # + # @option params [required, String] :profile_id + # The identifier of the profile that you want described. + # + # @return [Types::DescribeProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::DescribeProfileResponse#profile #profile} => Types::DescribedProfile + # + # @example Request syntax with placeholder values + # + # resp = client.describe_profile({ + # profile_id: "ProfileId", # required + # }) + # + # @example Response structure + # + # resp.profile.arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.profile_type #=> String, one of "LOCAL", "PARTNER" + # resp.profile.as_2_id #=> String + # resp.profile.certificate_ids #=> Array + # resp.profile.certificate_ids[0] #=> String + # resp.profile.tags #=> Array + # resp.profile.tags[0].key #=> String + # resp.profile.tags[0].value #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeProfile AWS API Documentation + # + # @overload describe_profile(params = {}) + # @param [Hash] params ({}) + def describe_profile(params = {}, options = {}) + req = build_request(:describe_profile, params) + req.send_request(options) + end + # Describes the security policy that is attached to your file transfer # protocol-enabled server. The response contains a description of the # security policy's properties. For more information about security # policies, see [Working with security policies][1]. # @@ -1494,10 +1976,12 @@ # resp.server.arn #=> String # resp.server.certificate #=> String # resp.server.protocol_details.passive_ip #=> String # resp.server.protocol_details.tls_session_resumption_mode #=> String, one of "DISABLED", "ENABLED", "ENFORCED" # resp.server.protocol_details.set_stat_option #=> String, one of "DEFAULT", "ENABLE_NO_OP" + # resp.server.protocol_details.as_2_transports #=> Array + # resp.server.protocol_details.as_2_transports[0] #=> String, one of "HTTP" # resp.server.domain #=> String, one of "S3", "EFS" # resp.server.endpoint_details.address_allocation_ids #=> Array # resp.server.endpoint_details.address_allocation_ids[0] #=> String # resp.server.endpoint_details.subnet_ids #=> Array # resp.server.endpoint_details.subnet_ids[0] #=> String @@ -1514,11 +1998,11 @@ # resp.server.identity_provider_type #=> String, one of "SERVICE_MANAGED", "API_GATEWAY", "AWS_DIRECTORY_SERVICE", "AWS_LAMBDA" # resp.server.logging_role #=> String # resp.server.post_authentication_login_banner #=> String # resp.server.pre_authentication_login_banner #=> String # resp.server.protocols #=> Array - # resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS" + # resp.server.protocols[0] #=> String, one of "SFTP", "FTP", "FTPS", "AS2" # resp.server.security_policy_name #=> String # resp.server.server_id #=> String # resp.server.state #=> String, one of "OFFLINE", "ONLINE", "STARTING", "STOPPING", "START_FAILED", "STOP_FAILED" # resp.server.tags #=> Array # resp.server.tags[0].key #=> String @@ -1553,12 +2037,12 @@ # A system-assigned unique identifier for a server that has this user # assigned. # # @option params [required, String] :user_name # The name of the user assigned to one or more servers. User names are - # part of the sign-in credentials to use the Amazon Web Services - # Transfer Family service and perform file transfer tasks. + # part of the sign-in credentials to use the Transfer Family service and + # perform file transfer tasks. # # @return [Types::DescribeUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeUserResponse#server_id #server_id} => String # * {Types::DescribeUserResponse#user #user} => Types::DescribedUser @@ -1674,10 +2158,74 @@ def describe_workflow(params = {}, options = {}) req = build_request(:describe_workflow, params) req.send_request(options) end + # Imports the signing and encryption certificates that you need to + # create local (AS2) profiles and partner profiles. + # + # @option params [required, String] :usage + # Specifies whether this certificate is used for signing or encryption. + # + # @option params [required, String] :certificate + # The file that contains the certificate to import. + # + # @option params [String] :certificate_chain + # An optional list of certificates that make up the chain for the + # certificate that's being imported. + # + # @option params [String] :private_key + # The file that contains the private key for the certificate that's + # being imported. + # + # @option params [Time,DateTime,Date,Integer,String] :active_date + # An optional date that specifies when the certificate becomes active. + # + # @option params [Time,DateTime,Date,Integer,String] :inactive_date + # An optional date that specifies when the certificate becomes inactive. + # + # @option params [String] :description + # A short description that helps identify the certificate. + # + # @option params [Array<Types::Tag>] :tags + # Key-value pairs that can be used to group and search for certificates. + # + # @return [Types::ImportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ImportCertificateResponse#certificate_id #certificate_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.import_certificate({ + # usage: "SIGNING", # required, accepts SIGNING, ENCRYPTION + # certificate: "CertificateBodyType", # required + # certificate_chain: "CertificateChainType", + # private_key: "PrivateKeyType", + # active_date: Time.now, + # inactive_date: Time.now, + # description: "Description", + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @example Response structure + # + # resp.certificate_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ImportCertificate AWS API Documentation + # + # @overload import_certificate(params = {}) + # @param [Hash] params ({}) + def import_certificate(params = {}, options = {}) + req = build_request(:import_certificate, params) + req.send_request(options) + end + # Adds a Secure Shell (SSH) public key to a user account identified by a # `UserName` value assigned to the specific file transfer # protocol-enabled server, identified by `ServerId`. # # The response returns the `UserName` value, the `ServerId` value, and @@ -1771,29 +2319,178 @@ def list_accesses(params = {}, options = {}) req = build_request(:list_accesses, params) req.send_request(options) end + # Returns a list of the agreements for the server that's identified by + # the `ServerId` that you supply. If you want to limit the results to a + # certain number, supply a value for the `MaxResults` parameter. If you + # ran the command previously and received a value for `NextToken`, you + # can supply that value to continue listing agreements from where you + # left off. + # + # @option params [Integer] :max_results + # The maximum number of agreements to return. + # + # @option params [String] :next_token + # When you can get additional results from the `ListAgreements` call, a + # `NextToken` parameter is returned in the output. You can then pass in + # a subsequent command to the `NextToken` parameter to continue listing + # additional agreements. + # + # @option params [required, String] :server_id + # The identifier of the server for which you want a list of agreements. + # + # @return [Types::ListAgreementsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListAgreementsResponse#next_token #next_token} => String + # * {Types::ListAgreementsResponse#agreements #agreements} => Array&lt;Types::ListedAgreement&gt; + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_agreements({ + # max_results: 1, + # next_token: "NextToken", + # server_id: "ServerId", # required + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.agreements #=> Array + # resp.agreements[0].arn #=> String + # resp.agreements[0].agreement_id #=> String + # resp.agreements[0].description #=> String + # resp.agreements[0].status #=> String, one of "ACTIVE", "INACTIVE" + # resp.agreements[0].server_id #=> String + # resp.agreements[0].local_profile_id #=> String + # resp.agreements[0].partner_profile_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListAgreements AWS API Documentation + # + # @overload list_agreements(params = {}) + # @param [Hash] params ({}) + def list_agreements(params = {}, options = {}) + req = build_request(:list_agreements, params) + req.send_request(options) + end + + # Returns a list of the current certificates that have been imported + # into Transfer Family. If you want to limit the results to a certain + # number, supply a value for the `MaxResults` parameter. If you ran the + # command previously and received a value for the `NextToken` parameter, + # you can supply that value to continue listing certificates from where + # you left off. + # + # @option params [Integer] :max_results + # The maximum number of certificates to return. + # + # @option params [String] :next_token + # When you can get additional results from the `ListCertificates` call, + # a `NextToken` parameter is returned in the output. You can then pass + # in a subsequent command to the `NextToken` parameter to continue + # listing additional certificates. + # + # @return [Types::ListCertificatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListCertificatesResponse#next_token #next_token} => String + # * {Types::ListCertificatesResponse#certificates #certificates} => Array&lt;Types::ListedCertificate&gt; + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_certificates({ + # max_results: 1, + # next_token: "NextToken", + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.certificates #=> Array + # resp.certificates[0].arn #=> String + # resp.certificates[0].certificate_id #=> String + # resp.certificates[0].usage #=> String, one of "SIGNING", "ENCRYPTION" + # resp.certificates[0].status #=> String, one of "ACTIVE", "PENDING_ROTATION", "INACTIVE" + # resp.certificates[0].active_date #=> Time + # resp.certificates[0].inactive_date #=> Time + # resp.certificates[0].type #=> String, one of "CERTIFICATE", "CERTIFICATE_WITH_PRIVATE_KEY" + # resp.certificates[0].description #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListCertificates AWS API Documentation + # + # @overload list_certificates(params = {}) + # @param [Hash] params ({}) + def list_certificates(params = {}, options = {}) + req = build_request(:list_certificates, params) + req.send_request(options) + end + + # Lists the connectors for the specified Region. + # + # @option params [Integer] :max_results + # The maximum number of connectors to return. + # + # @option params [String] :next_token + # When you can get additional results from the `ListConnectors` call, a + # `NextToken` parameter is returned in the output. You can then pass in + # a subsequent command to the `NextToken` parameter to continue listing + # additional connectors. + # + # @return [Types::ListConnectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListConnectorsResponse#next_token #next_token} => String + # * {Types::ListConnectorsResponse#connectors #connectors} => Array&lt;Types::ListedConnector&gt; + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_connectors({ + # max_results: 1, + # next_token: "NextToken", + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.connectors #=> Array + # resp.connectors[0].arn #=> String + # resp.connectors[0].connector_id #=> String + # resp.connectors[0].url #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListConnectors AWS API Documentation + # + # @overload list_connectors(params = {}) + # @param [Hash] params ({}) + def list_connectors(params = {}, options = {}) + req = build_request(:list_connectors, params) + req.send_request(options) + end + # Lists all executions for the specified workflow. # # @option params [Integer] :max_results - # Specifies the aximum number of executions to return. + # Specifies the maximum number of executions to return. # # @option params [String] :next_token # `ListExecutions` returns the `NextToken` parameter in the output. You # can then pass the `NextToken` parameter in a subsequent command to # continue listing additional executions. # # This is useful for pagination, for instance. If you have 100 # executions for a workflow, you might only want to list first 10. If - # so, callthe API by specifing the `max-results`\: + # so, call the API by specifying the `max-results`\: # # `aws transfer list-executions --max-results 10` # # This returns details for the first 10 executions, as well as the # pointer (`NextToken`) to the eleventh execution. You can now call the - # API again, suppling the `NextToken` value you received: + # API again, supplying the `NextToken` value you received: # # `aws transfer list-executions --max-results 10 --next-token # $somePointerReturnedFromPreviousListResult` # # This call returns the next 10 executions, the 11th through the 20th. @@ -1843,10 +2540,62 @@ def list_executions(params = {}, options = {}) req = build_request(:list_executions, params) req.send_request(options) end + # Returns a list of the profiles for your system. If you want to limit + # the results to a certain number, supply a value for the `MaxResults` + # parameter. If you ran the command previously and received a value for + # `NextToken`, you can supply that value to continue listing profiles + # from where you left off. + # + # @option params [Integer] :max_results + # The maximum number of profiles to return. + # + # @option params [String] :next_token + # When there are additional results that were not returned, a + # `NextToken` parameter is returned. You can use that value for a + # subsequent call to `ListProfiles` to continue listing results. + # + # @option params [String] :profile_type + # Indicates whether to list only `LOCAL` type profiles or only `PARTNER` + # type profiles. If not supplied in the request, the command lists all + # types of profiles. + # + # @return [Types::ListProfilesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListProfilesResponse#next_token #next_token} => String + # * {Types::ListProfilesResponse#profiles #profiles} => Array&lt;Types::ListedProfile&gt; + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_profiles({ + # max_results: 1, + # next_token: "NextToken", + # profile_type: "LOCAL", # accepts LOCAL, PARTNER + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.profiles #=> Array + # resp.profiles[0].arn #=> String + # resp.profiles[0].profile_id #=> String + # resp.profiles[0].as_2_id #=> String + # resp.profiles[0].profile_type #=> String, one of "LOCAL", "PARTNER" + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ListProfiles AWS API Documentation + # + # @overload list_profiles(params = {}) + # @param [Hash] params ({}) + def list_profiles(params = {}, options = {}) + req = build_request(:list_profiles, params) + req.send_request(options) + end + # Lists the security policies that are attached to your file transfer # protocol-enabled servers. # # @option params [Integer] :max_results # Specifies the number of security policies to return as a response to @@ -2119,10 +2868,45 @@ def send_workflow_step_state(params = {}, options = {}) req = build_request(:send_workflow_step_state, params) req.send_request(options) end + # Begins an outbound file transfer. You specify the `ConnectorId` and + # the file paths for where to send the files. + # + # @option params [required, String] :connector_id + # The unique identifier for the connector. + # + # @option params [required, Array<String>] :send_file_paths + # An array of strings. Each string represents the absolute path for one + # outbound file transfer. For example, ` DOC-EXAMPLE-BUCKET/myfile.txt + # `. + # + # @return [Types::StartFileTransferResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::StartFileTransferResponse#transfer_id #transfer_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.start_file_transfer({ + # connector_id: "ConnectorId", # required + # send_file_paths: ["FilePath"], # required + # }) + # + # @example Response structure + # + # resp.transfer_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StartFileTransfer AWS API Documentation + # + # @overload start_file_transfer(params = {}) + # @param [Hash] params ({}) + def start_file_transfer(params = {}, options = {}) + req = build_request(:start_file_transfer, params) + req.send_request(options) + end + # Changes the state of a file transfer protocol-enabled server from # `OFFLINE` to `ONLINE`. It has no impact on a server that is already # `ONLINE`. An `ONLINE` server can accept and process file transfer # jobs. # @@ -2155,11 +2939,11 @@ # Changes the state of a file transfer protocol-enabled server from # `ONLINE` to `OFFLINE`. An `OFFLINE` server cannot accept and process # file transfer jobs. Information tied to your server, such as server # and user properties, are not affected by stopping your server. # - # <note markdown="1"> Stopping the server will not reduce or impact your file transfer + # <note markdown="1"> Stopping the server does not reduce or impact your file transfer # protocol endpoint billing; you must delete the server to stop being # billed. # # </note> # @@ -2293,11 +3077,11 @@ # # @example Request syntax with placeholder values # # resp = client.test_identity_provider({ # server_id: "ServerId", # required - # server_protocol: "SFTP", # accepts SFTP, FTP, FTPS + # server_protocol: "SFTP", # accepts SFTP, FTP, FTPS, AS2 # source_ip: "SourceIp", # user_name: "UserName", # required # user_password: "UserPassword", # }) # @@ -2359,27 +3143,27 @@ # server using the client. # # A `HomeDirectory` example is `/bucket_name/home/mydirectory`. # # @option params [String] :home_directory_type - # The type of landing directory (folder) you want your users' home - # directory to be when they log into the server. If you set it to + # The type of landing directory (folder) that you want your users' home + # directory to be when they log in to the server. If you set it to # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths # as is in their file transfer protocol clients. If you set it # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings` - # for how you want to make Amazon S3 or EFS paths visible to your users. + # for how you want to make Amazon S3 or Amazon EFS paths visible to your + # users. # # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings # Logical directory mappings that specify what Amazon S3 or Amazon EFS # paths and keys should be visible to your user and how you want to make # them visible. You must specify the `Entry` and `Target` pair, where # `Entry` shows how the path is made visible and `Target` is the actual # Amazon S3 or Amazon EFS path. If you only specify a target, it is - # displayed as is. You also must ensure that your Amazon Web Services - # Identity and Access Management (IAM) role provides access to paths in - # `Target`. This value can only be set when `HomeDirectoryType` is set - # to *LOGICAL*. + # displayed as is. You also must ensure that your Identity and Access + # Management (IAM) role provides access to paths in `Target`. This value + # can be set only when `HomeDirectoryType` is set to *LOGICAL*. # # The following is an `Entry` and `Target` pair example. # # `[ \{ "Entry": "/directory1", "Target": # "/bucket_name/home/mydirectory" \} ]` @@ -2392,23 +3176,23 @@ # The following is an `Entry` and `Target` pair example for `chroot`. # # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]` # # @option params [String] :policy - # A session policy for your user so that you can use the same IAM role - # across multiple users. This policy scopes down user access to portions - # of their Amazon S3 bucket. Variables that you can use inside this - # policy include `$\{Transfer:UserName\}`, - # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`. + # A session policy for your user so that you can use the same Identity + # and Access Management (IAM) role across multiple users. This policy + # scopes down a user's access to portions of their Amazon S3 bucket. + # Variables that you can use inside this policy include + # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and + # `$\{Transfer:HomeBucket\}`. # - # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not - # use session policies. + # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3. + # Amazon EFS does not use session policies. # - # For session policies, Amazon Web Services Transfer Family stores the - # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of - # the policy. You save the policy as a JSON blob and pass it in the - # `Policy` argument. + # For session policies, Transfer Family stores the policy as a JSON + # blob, instead of the Amazon Resource Name (ARN) of the policy. You + # save the policy as a JSON blob and pass it in the `Policy` argument. # # For an example of a session policy, see [Example session policy][1]. # # For more information, see [AssumeRole][2] in the *Amazon Web # ServicesSecurity Token Service API Reference*. @@ -2427,40 +3211,41 @@ # that are set on files and directories in your file system determine # the level of access your users get when transferring files into and # out of your Amazon EFS file systems. # # @option params [String] :role - # Specifies the Amazon Resource Name (ARN) of the IAM role that controls - # your users' access to your Amazon S3 bucket or EFS file system. The - # policies attached to this role determine the level of access that you - # want to provide your users when transferring files into and out of - # your Amazon S3 bucket or EFS file system. The IAM role should also - # contain a trust relationship that allows the server to access your - # resources when servicing your users' transfer requests. + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that controls your users' access to your Amazon S3 bucket + # or Amazon EFS file system. The policies attached to this role + # determine the level of access that you want to provide your users when + # transferring files into and out of your Amazon S3 bucket or Amazon EFS + # file system. The IAM role should also contain a trust relationship + # that allows the server to access your resources when servicing your + # users' transfer requests. # # @option params [required, String] :server_id # A system-assigned unique identifier for a server instance. This is the # specific server that you added your user to. # # @option params [required, String] :external_id # A unique identifier that is required to identify specific groups # within your directory. The users of the group that you associate have # access to your Amazon S3 or Amazon EFS resources over the enabled - # protocols using Amazon Web Services Transfer Family. If you know the - # group name, you can view the SID values by running the following - # command using Windows PowerShell. + # protocols using Transfer Family. If you know the group name, you can + # view the SID values by running the following command using Windows + # PowerShell. # # `Get-ADGroup -Filter \{samAccountName -like "YourGroupName*"\} # -Properties * | Select SamAccountName,ObjectSid` # # In that command, replace *YourGroupName* with the name of your Active # Directory group. # - # The regex used to validate this parameter is a string of characters - # consisting of uppercase and lowercase alphanumeric characters with no - # spaces. You can also include underscores or any of the following - # characters: =,.@:/- + # The regular expression used to validate this parameter is a string of + # characters consisting of uppercase and lowercase alphanumeric + # characters with no spaces. You can also include underscores or any of + # the following characters: =,.@:/- # # @return [Types::UpdateAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::UpdateAccessResponse#server_id #server_id} => String # * {Types::UpdateAccessResponse#external_id #external_id} => String @@ -2499,10 +3284,220 @@ def update_access(params = {}, options = {}) req = build_request(:update_access, params) req.send_request(options) end + # Updates some of the parameters for an existing agreement. Provide the + # `AgreementId` and the `ServerId` for the agreement that you want to + # update, along with the new values for the parameters to update. + # + # @option params [required, String] :agreement_id + # A unique identifier for the agreement. This identifier is returned + # when you create an agreement. + # + # @option params [required, String] :server_id + # A system-assigned unique identifier for a server instance. This is the + # specific server that the agreement uses. + # + # @option params [String] :description + # To replace the existing description, provide a short description for + # the agreement. + # + # @option params [String] :status + # You can update the status for the agreement, either activating an + # inactive agreement or the reverse. + # + # @option params [String] :local_profile_id + # To change the local profile identifier, provide a new value here. + # + # @option params [String] :partner_profile_id + # To change the partner profile identifier, provide a new value here. + # + # @option params [String] :base_directory + # To change the landing directory (folder) for files that are + # transferred, provide the bucket folder that you want to use; for + # example, `/DOC-EXAMPLE-BUCKET/home/mydirectory `. + # + # @option params [String] :access_role + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that grants access to at least the `HomeDirectory` of your + # users' Amazon S3 buckets. + # + # @return [Types::UpdateAgreementResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::UpdateAgreementResponse#agreement_id #agreement_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.update_agreement({ + # agreement_id: "AgreementId", # required + # server_id: "ServerId", # required + # description: "Description", + # status: "ACTIVE", # accepts ACTIVE, INACTIVE + # local_profile_id: "ProfileId", + # partner_profile_id: "ProfileId", + # base_directory: "HomeDirectory", + # access_role: "Role", + # }) + # + # @example Response structure + # + # resp.agreement_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateAgreement AWS API Documentation + # + # @overload update_agreement(params = {}) + # @param [Hash] params ({}) + def update_agreement(params = {}, options = {}) + req = build_request(:update_agreement, params) + req.send_request(options) + end + + # Updates the active and inactive dates for a certificate. + # + # @option params [required, String] :certificate_id + # The identifier of the certificate object that you are updating. + # + # @option params [Time,DateTime,Date,Integer,String] :active_date + # An optional date that specifies when the certificate becomes active. + # + # @option params [Time,DateTime,Date,Integer,String] :inactive_date + # An optional date that specifies when the certificate becomes inactive. + # + # @option params [String] :description + # A short description to help identify the certificate. + # + # @return [Types::UpdateCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::UpdateCertificateResponse#certificate_id #certificate_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.update_certificate({ + # certificate_id: "CertificateId", # required + # active_date: Time.now, + # inactive_date: Time.now, + # description: "Description", + # }) + # + # @example Response structure + # + # resp.certificate_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateCertificate AWS API Documentation + # + # @overload update_certificate(params = {}) + # @param [Hash] params ({}) + def update_certificate(params = {}, options = {}) + req = build_request(:update_certificate, params) + req.send_request(options) + end + + # Updates some of the parameters for an existing connector. Provide the + # `ConnectorId` for the connector that you want to update, along with + # the new values for the parameters to update. + # + # @option params [required, String] :connector_id + # The unique identifier for the connector. + # + # @option params [String] :url + # The URL of the partner's AS2 endpoint. + # + # @option params [Types::As2ConnectorConfig] :as_2_config + # A structure that contains the parameters for a connector object. + # + # @option params [String] :access_role + # With AS2, you can send files by calling `StartFileTransfer` and + # specifying the file paths in the request parameter, `SendFilePaths`. + # We use the file’s parent directory (for example, for + # `--send-file-paths /bucket/dir/file.txt`, parent directory is + # `/bucket/dir/`) to temporarily store a processed AS2 message file, + # store the MDN when we receive them from the partner, and write a final + # JSON file containing relevant metadata of the transmission. So, the + # `AccessRole` needs to provide read and write access to the parent + # directory of the file location used in the `StartFileTransfer` + # request. Additionally, you need to provide read and write access to + # the parent directory of the files that you intend to send with + # `StartFileTransfer`. + # + # @option params [String] :logging_role + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that allows a connector to turn on CloudWatch logging for + # Amazon S3 events. When set, you can view connector activity in your + # CloudWatch logs. + # + # @return [Types::UpdateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::UpdateConnectorResponse#connector_id #connector_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.update_connector({ + # connector_id: "ConnectorId", # required + # url: "Url", + # as_2_config: { + # local_profile_id: "ProfileId", + # partner_profile_id: "ProfileId", + # message_subject: "MessageSubject", + # compression: "ZLIB", # accepts ZLIB, DISABLED + # encryption_algorithm: "AES128_CBC", # accepts AES128_CBC, AES192_CBC, AES256_CBC + # signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE + # mdn_signing_algorithm: "SHA256", # accepts SHA256, SHA384, SHA512, SHA1, NONE, DEFAULT + # mdn_response: "SYNC", # accepts SYNC, NONE + # }, + # access_role: "Role", + # logging_role: "Role", + # }) + # + # @example Response structure + # + # resp.connector_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateConnector AWS API Documentation + # + # @overload update_connector(params = {}) + # @param [Hash] params ({}) + def update_connector(params = {}, options = {}) + req = build_request(:update_connector, params) + req.send_request(options) + end + + # Updates some of the parameters for an existing profile. Provide the + # `ProfileId` for the profile that you want to update, along with the + # new values for the parameters to update. + # + # @option params [required, String] :profile_id + # The identifier of the profile object that you are updating. + # + # @option params [Array<String>] :certificate_ids + # An array of identifiers for the imported certificates. You use this + # identifier for working with profiles and partner profiles. + # + # @return [Types::UpdateProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::UpdateProfileResponse#profile_id #profile_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.update_profile({ + # profile_id: "ProfileId", # required + # certificate_ids: ["CertificateId"], + # }) + # + # @example Response structure + # + # resp.profile_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateProfile AWS API Documentation + # + # @overload update_profile(params = {}) + # @param [Hash] params ({}) + def update_profile(params = {}, options = {}) + req = build_request(:update_profile, params) + req.send_request(options) + end + # Updates the file transfer protocol-enabled server's properties after # that server has been created. # # The `UpdateServer` call returns the `ServerId` of the server you # updated. @@ -2548,34 +3543,38 @@ # [3]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html # # @option params [Types::ProtocolDetails] :protocol_details # The protocol settings that are configured for your server. # - # * Use the `PassiveIp` parameter to indicate passive mode (for FTP and - # FTPS protocols). Enter a single dotted-quad IPv4 address, such as - # the external IP address of a firewall, router, or load balancer. + # * To indicate passive mode (for FTP and FTPS protocols), use the + # `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such + # as the external IP address of a firewall, router, or load balancer. # - # * Use the `SetStatOption` to ignore the error that is generated when - # the client attempts to use SETSTAT on a file you are uploading to an - # S3 bucket. Set the value to `ENABLE_NO_OP` to have the Transfer - # Family server ignore the SETSTAT command, and upload files without - # needing to make any changes to your SFTP client. Note that with - # `SetStatOption` set to `ENABLE_NO_OP`, Transfer generates a log - # entry to CloudWatch Logs, so you can determine when the client is - # making a SETSTAT call. + # * To ignore the error that is generated when the client attempts to + # use the `SETSTAT` command on a file that you are uploading to an + # Amazon S3 bucket, use the `SetStatOption` parameter. To have the + # Transfer Family server ignore the `SETSTAT` command and upload files + # without needing to make any changes to your SFTP client, set the + # value to `ENABLE_NO_OP`. If you set the `SetStatOption` parameter to + # `ENABLE_NO_OP`, Transfer Family generates a log entry to Amazon + # CloudWatch Logs, so that you can determine when the client is making + # a `SETSTAT` call. # - # * Use the `TlsSessionResumptionMode` parameter to determine whether or - # not your Transfer server resumes recent, negotiated sessions through - # a unique session ID. + # * To determine whether your Transfer Family server resumes recent, + # negotiated sessions through a unique session ID, use the + # `TlsSessionResumptionMode` parameter. # + # * `As2Transports` indicates the transport method for the AS2 messages. + # Currently, only HTTP is supported. + # # @option params [Types::EndpointDetails] :endpoint_details # The virtual private cloud (VPC) endpoint settings that are configured # for your server. When you host your endpoint within your VPC, you can - # make it accessible only to resources within your VPC, or you can - # attach Elastic IP addresses and make it accessible to clients over the - # internet. Your VPC's default security groups are automatically - # assigned to your endpoint. + # make your endpoint accessible only to resources within your VPC, or + # you can attach Elastic IP addresses and make your endpoint accessible + # to clients over the internet. Your VPC's default security groups are + # automatically assigned to your endpoint. # # @option params [String] :endpoint_type # The type of endpoint that you want your server to use. You can choose # to make your server's endpoint publicly accessible (PUBLIC) or host # it inside your VPC. With an endpoint that is hosted in a VPC, you can @@ -2608,12 +3607,12 @@ # Use the following command to generate an RSA 2048 bit key with no # passphrase: # # `ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key`. # - # Use a minimum value of 2048 for the `-b` option: you can create a - # stronger key using 3072 or 4096. + # Use a minimum value of 2048 for the `-b` option. You can create a + # stronger key by using 3072 or 4096. # # Use the following command to generate an ECDSA 256 bit key with no # passphrase: # # `ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key`. @@ -2631,39 +3630,39 @@ # If you aren't planning to migrate existing users from an existing # SFTP-enabled server to a new server, don't update the host key. # Accidentally changing a server's host key can be disruptive. # # For more information, see [Change the host key for your SFTP-enabled - # server][1] in the *Amazon Web Services Transfer Family User Guide*. + # server][1] in the *Transfer Family User Guide*. # # # # [1]: https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key # # @option params [Types::IdentityProviderDetails] :identity_provider_details # An array containing all of the information required to call a # customer's authentication API method. # # @option params [String] :logging_role - # Specifies the Amazon Resource Name (ARN) of the Amazon Web Services - # Identity and Access Management (IAM) role that allows a server to turn - # on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When - # set, user activity can be viewed in your CloudWatch logs. + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that allows a server to turn on Amazon CloudWatch logging + # for Amazon S3 or Amazon EFSevents. When set, you can view user + # activity in your CloudWatch logs. # # @option params [String] :post_authentication_login_banner - # Specify a string to display when users connect to a server. This + # Specifies a string to display when users connect to a server. This # string is displayed after the user authenticates. # # <note markdown="1"> The SFTP protocol does not support post-authentication display # banners. # # </note> # # @option params [String] :pre_authentication_login_banner - # Specify a string to display when users connect to a server. This + # Specifies a string to display when users connect to a server. This # string is displayed before the user authenticates. For example, the - # following banner displays details about using the system. + # following banner displays details about using the system: # # `This system is for the use of authorized users only. Individuals # using this computer system without authority, or in excess of their # authority, are subject to having all of their activities on this # system monitored and recorded by system personnel.` @@ -2706,11 +3705,11 @@ # A system-assigned unique identifier for a server instance that the # user account is assigned to. # # @option params [Types::WorkflowDetails] :workflow_details # Specifies the workflow ID for the workflow to assign and the execution - # role used for executing the workflow. + # role that's used for executing the workflow. # # To remove an associated workflow from a server, you can provide an # empty `OnUpload` object, as in the following example. # # `aws transfer update-server --server-id s-01234567890abcdef @@ -2726,10 +3725,11 @@ # certificate: "Certificate", # protocol_details: { # passive_ip: "PassiveIp", # tls_session_resumption_mode: "DISABLED", # accepts DISABLED, ENABLED, ENFORCED # set_stat_option: "DEFAULT", # accepts DEFAULT, ENABLE_NO_OP + # as_2_transports: ["HTTP"], # accepts HTTP # }, # endpoint_details: { # address_allocation_ids: ["AddressAllocationId"], # subnet_ids: ["SubnetId"], # vpc_endpoint_id: "VpcEndpointId", @@ -2745,11 +3745,11 @@ # function: "Function", # }, # logging_role: "NullableRole", # post_authentication_login_banner: "PostAuthenticationLoginBanner", # pre_authentication_login_banner: "PreAuthenticationLoginBanner", - # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS + # protocols: ["SFTP"], # accepts SFTP, FTP, FTPS, AS2 # security_policy_name: "SecurityPolicyName", # server_id: "ServerId", # required # workflow_details: { # on_upload: [ # required # { @@ -2785,27 +3785,27 @@ # server using the client. # # A `HomeDirectory` example is `/bucket_name/home/mydirectory`. # # @option params [String] :home_directory_type - # The type of landing directory (folder) you want your users' home - # directory to be when they log into the server. If you set it to + # The type of landing directory (folder) that you want your users' home + # directory to be when they log in to the server. If you set it to # `PATH`, the user will see the absolute Amazon S3 bucket or EFS paths # as is in their file transfer protocol clients. If you set it # `LOGICAL`, you need to provide mappings in the `HomeDirectoryMappings` - # for how you want to make Amazon S3 or EFS paths visible to your users. + # for how you want to make Amazon S3 or Amazon EFS paths visible to your + # users. # # @option params [Array<Types::HomeDirectoryMapEntry>] :home_directory_mappings # Logical directory mappings that specify what Amazon S3 or Amazon EFS # paths and keys should be visible to your user and how you want to make # them visible. You must specify the `Entry` and `Target` pair, where # `Entry` shows how the path is made visible and `Target` is the actual # Amazon S3 or Amazon EFS path. If you only specify a target, it is - # displayed as is. You also must ensure that your Amazon Web Services - # Identity and Access Management (IAM) role provides access to paths in - # `Target`. This value can only be set when `HomeDirectoryType` is set - # to *LOGICAL*. + # displayed as is. You also must ensure that your Identity and Access + # Management (IAM) role provides access to paths in `Target`. This value + # can be set only when `HomeDirectoryType` is set to *LOGICAL*. # # The following is an `Entry` and `Target` pair example. # # `[ \{ "Entry": "/directory1", "Target": # "/bucket_name/home/mydirectory" \} ]` @@ -2818,23 +3818,23 @@ # The following is an `Entry` and `Target` pair example for `chroot`. # # `[ \{ "Entry": "/", "Target": "/bucket_name/home/mydirectory" \} ]` # # @option params [String] :policy - # A session policy for your user so that you can use the same IAM role - # across multiple users. This policy scopes down user access to portions - # of their Amazon S3 bucket. Variables that you can use inside this - # policy include `$\{Transfer:UserName\}`, - # `$\{Transfer:HomeDirectory\}`, and `$\{Transfer:HomeBucket\}`. + # A session policy for your user so that you can use the same Identity + # and Access Management (IAM) role across multiple users. This policy + # scopes down a user's access to portions of their Amazon S3 bucket. + # Variables that you can use inside this policy include + # `$\{Transfer:UserName\}`, `$\{Transfer:HomeDirectory\}`, and + # `$\{Transfer:HomeBucket\}`. # - # <note markdown="1"> This only applies when the domain of `ServerId` is S3. EFS does not - # use session policies. + # <note markdown="1"> This policy applies only when the domain of `ServerId` is Amazon S3. + # Amazon EFS does not use session policies. # - # For session policies, Amazon Web Services Transfer Family stores the - # policy as a JSON blob, instead of the Amazon Resource Name (ARN) of - # the policy. You save the policy as a JSON blob and pass it in the - # `Policy` argument. + # For session policies, Transfer Family stores the policy as a JSON + # blob, instead of the Amazon Resource Name (ARN) of the policy. You + # save the policy as a JSON blob and pass it in the `Policy` argument. # # For an example of a session policy, see [Creating a session # policy][1]. # # For more information, see [AssumeRole][2] in the *Amazon Web Services @@ -2854,17 +3854,18 @@ # The POSIX permissions that are set on files and directories in your # file system determines the level of access your users get when # transferring files into and out of your Amazon EFS file systems. # # @option params [String] :role - # Specifies the Amazon Resource Name (ARN) of the IAM role that controls - # your users' access to your Amazon S3 bucket or EFS file system. The - # policies attached to this role determine the level of access that you - # want to provide your users when transferring files into and out of - # your Amazon S3 bucket or EFS file system. The IAM role should also - # contain a trust relationship that allows the server to access your - # resources when servicing your users' transfer requests. + # The Amazon Resource Name (ARN) of the Identity and Access Management + # (IAM) role that controls your users' access to your Amazon S3 bucket + # or Amazon EFS file system. The policies attached to this role + # determine the level of access that you want to provide your users when + # transferring files into and out of your Amazon S3 bucket or Amazon EFS + # file system. The IAM role should also contain a trust relationship + # that allows the server to access your resources when servicing your + # users' transfer requests. # # @option params [required, String] :server_id # A system-assigned unique identifier for a server instance that the # user account is assigned to. # @@ -2928,10 +3929,10 @@ operation: config.api.operation(operation_name), client: self, params: params, config: config) context[:gem_name] = 'aws-sdk-transfer' - context[:gem_version] = '1.56.0' + context[:gem_version] = '1.57.0' Seahorse::Client::Request.new(handlers, context) end # Polls an API operation until a resource enters a desired state. #