Amazon Web Services Transfer Family is a fully managed service that enables the transfer of files over the -File Transfer Protocol (FTP), File Transfer Protocol over SSL (FTPS), or Secure Shell (SSH) -File Transfer Protocol (SFTP) directly into and out of Amazon Simple Storage Service (Amazon -S3). Amazon Web Services helps you seamlessly migrate your file transfer workflows to Amazon Web Services Transfer Family by -integrating with existing authentication systems, and providing DNS routing with Amazon Route -53 so nothing changes for your customers and partners, or their applications. With your data -in Amazon S3, you can use it with Amazon Web Services services for processing, analytics, machine learning, -and archiving. Getting started with Amazon Web Services Transfer Family is easy since there is no -infrastructure to buy and set up.
+Transfer Family is a fully managed service that enables the transfer of files over the File +Transfer Protocol (FTP), File Transfer Protocol over SSL (FTPS), or Secure Shell (SSH) File +Transfer Protocol (SFTP) directly into and out of Amazon Simple Storage Service (Amazon S3). +Amazon Web Services helps you seamlessly migrate your file transfer workflows to Transfer Family by integrating +with existing authentication systems, and providing DNS routing with Amazon Route 53 so +nothing changes for your customers and partners, or their applications. With your data in +Amazon S3, you can use it with Amazon Web Services for processing, analytics, machine learning, and +archiving. Getting started with Transfer Family is easy since there is no infrastructure to buy and +set up.
## Installing diff --git a/clients/client-transfer/src/Transfer.ts b/clients/client-transfer/src/Transfer.ts index af6e73dcd25c..7a63465af2b4 100644 --- a/clients/client-transfer/src/Transfer.ts +++ b/clients/client-transfer/src/Transfer.ts @@ -6,6 +6,21 @@ import { CreateAccessCommandInput, CreateAccessCommandOutput, } from "./commands/CreateAccessCommand"; +import { + CreateAgreementCommand, + CreateAgreementCommandInput, + CreateAgreementCommandOutput, +} from "./commands/CreateAgreementCommand"; +import { + CreateConnectorCommand, + CreateConnectorCommandInput, + CreateConnectorCommandOutput, +} from "./commands/CreateConnectorCommand"; +import { + CreateProfileCommand, + CreateProfileCommandInput, + CreateProfileCommandOutput, +} from "./commands/CreateProfileCommand"; import { CreateServerCommand, CreateServerCommandInput, @@ -22,6 +37,26 @@ import { DeleteAccessCommandInput, DeleteAccessCommandOutput, } from "./commands/DeleteAccessCommand"; +import { + DeleteAgreementCommand, + DeleteAgreementCommandInput, + DeleteAgreementCommandOutput, +} from "./commands/DeleteAgreementCommand"; +import { + DeleteCertificateCommand, + DeleteCertificateCommandInput, + DeleteCertificateCommandOutput, +} from "./commands/DeleteCertificateCommand"; +import { + DeleteConnectorCommand, + DeleteConnectorCommandInput, + DeleteConnectorCommandOutput, +} from "./commands/DeleteConnectorCommand"; +import { + DeleteProfileCommand, + DeleteProfileCommandInput, + DeleteProfileCommandOutput, +} from "./commands/DeleteProfileCommand"; import { DeleteServerCommand, DeleteServerCommandInput, @@ -43,11 +78,31 @@ import { DescribeAccessCommandInput, DescribeAccessCommandOutput, } from "./commands/DescribeAccessCommand"; +import { + DescribeAgreementCommand, + DescribeAgreementCommandInput, + DescribeAgreementCommandOutput, +} from "./commands/DescribeAgreementCommand"; +import { + DescribeCertificateCommand, + DescribeCertificateCommandInput, + DescribeCertificateCommandOutput, +} from "./commands/DescribeCertificateCommand"; +import { + DescribeConnectorCommand, + DescribeConnectorCommandInput, + DescribeConnectorCommandOutput, +} from "./commands/DescribeConnectorCommand"; import { DescribeExecutionCommand, DescribeExecutionCommandInput, DescribeExecutionCommandOutput, } from "./commands/DescribeExecutionCommand"; +import { + DescribeProfileCommand, + DescribeProfileCommandInput, + DescribeProfileCommandOutput, +} from "./commands/DescribeProfileCommand"; import { DescribeSecurityPolicyCommand, DescribeSecurityPolicyCommandInput, @@ -68,6 +123,11 @@ import { DescribeWorkflowCommandInput, DescribeWorkflowCommandOutput, } from "./commands/DescribeWorkflowCommand"; +import { + ImportCertificateCommand, + ImportCertificateCommandInput, + ImportCertificateCommandOutput, +} from "./commands/ImportCertificateCommand"; import { ImportSshPublicKeyCommand, ImportSshPublicKeyCommandInput, @@ -78,11 +138,31 @@ import { ListAccessesCommandInput, ListAccessesCommandOutput, } from "./commands/ListAccessesCommand"; +import { + ListAgreementsCommand, + ListAgreementsCommandInput, + ListAgreementsCommandOutput, +} from "./commands/ListAgreementsCommand"; +import { + ListCertificatesCommand, + ListCertificatesCommandInput, + ListCertificatesCommandOutput, +} from "./commands/ListCertificatesCommand"; +import { + ListConnectorsCommand, + ListConnectorsCommandInput, + ListConnectorsCommandOutput, +} from "./commands/ListConnectorsCommand"; import { ListExecutionsCommand, ListExecutionsCommandInput, ListExecutionsCommandOutput, } from "./commands/ListExecutionsCommand"; +import { + ListProfilesCommand, + ListProfilesCommandInput, + ListProfilesCommandOutput, +} from "./commands/ListProfilesCommand"; import { ListSecurityPoliciesCommand, ListSecurityPoliciesCommandInput, @@ -105,6 +185,11 @@ import { SendWorkflowStepStateCommandInput, SendWorkflowStepStateCommandOutput, } from "./commands/SendWorkflowStepStateCommand"; +import { + StartFileTransferCommand, + StartFileTransferCommandInput, + StartFileTransferCommandOutput, +} from "./commands/StartFileTransferCommand"; import { StartServerCommand, StartServerCommandInput, StartServerCommandOutput } from "./commands/StartServerCommand"; import { StopServerCommand, StopServerCommandInput, StopServerCommandOutput } from "./commands/StopServerCommand"; import { TagResourceCommand, TagResourceCommandInput, TagResourceCommandOutput } from "./commands/TagResourceCommand"; @@ -123,6 +208,26 @@ import { UpdateAccessCommandInput, UpdateAccessCommandOutput, } from "./commands/UpdateAccessCommand"; +import { + UpdateAgreementCommand, + UpdateAgreementCommandInput, + UpdateAgreementCommandOutput, +} from "./commands/UpdateAgreementCommand"; +import { + UpdateCertificateCommand, + UpdateCertificateCommandInput, + UpdateCertificateCommandOutput, +} from "./commands/UpdateCertificateCommand"; +import { + UpdateConnectorCommand, + UpdateConnectorCommandInput, + UpdateConnectorCommandOutput, +} from "./commands/UpdateConnectorCommand"; +import { + UpdateProfileCommand, + UpdateProfileCommandInput, + UpdateProfileCommandOutput, +} from "./commands/UpdateProfileCommand"; import { UpdateServerCommand, UpdateServerCommandInput, @@ -132,20 +237,20 @@ import { UpdateUserCommand, UpdateUserCommandInput, UpdateUserCommandOutput } fr import { TransferClient } from "./TransferClient"; /** - *Amazon Web Services Transfer Family is a fully managed service that enables the transfer of files over the - * File Transfer Protocol (FTP), File Transfer Protocol over SSL (FTPS), or Secure Shell (SSH) - * File Transfer Protocol (SFTP) directly into and out of Amazon Simple Storage Service (Amazon - * S3). Amazon Web Services helps you seamlessly migrate your file transfer workflows to Amazon Web Services Transfer Family by - * integrating with existing authentication systems, and providing DNS routing with Amazon Route - * 53 so nothing changes for your customers and partners, or their applications. With your data - * in Amazon S3, you can use it with Amazon Web Services services for processing, analytics, machine learning, - * and archiving. Getting started with Amazon Web Services Transfer Family is easy since there is no - * infrastructure to buy and set up.
+ *Transfer Family is a fully managed service that enables the transfer of files over the File + * Transfer Protocol (FTP), File Transfer Protocol over SSL (FTPS), or Secure Shell (SSH) File + * Transfer Protocol (SFTP) directly into and out of Amazon Simple Storage Service (Amazon S3). + * Amazon Web Services helps you seamlessly migrate your file transfer workflows to Transfer Family by integrating + * with existing authentication systems, and providing DNS routing with Amazon Route 53 so + * nothing changes for your customers and partners, or their applications. With your data in + * Amazon S3, you can use it with Amazon Web Services for processing, analytics, machine learning, and + * archiving. Getting started with Transfer Family is easy since there is no infrastructure to buy and + * set up.
*/ export class Transfer extends TransferClient { /** *Used by administrators to choose which groups in the directory should have access to
- * upload and download files over the enabled protocols using Amazon Web Services Transfer Family. For example, a
+ * upload and download files over the enabled protocols using Transfer Family. For example, a
* Microsoft Active Directory might contain 50,000 users, but only a small fraction might need
* the ability to transfer files to the server. An administrator can use
* CreateAccess to limit the access to the correct set of users who need this
@@ -177,6 +282,110 @@ export class Transfer extends TransferClient {
}
}
+ /**
+ *
Creates an agreement. An agreement is a bilateral trading partner agreement, or partnership, + * between an Transfer Family server and an AS2 process. The agreement defines the file and message + * transfer relationship between the server and the AS2 process. To define an agreement, Transfer Family + * combines a server, local profile, partner profile, certificate, and other + * attributes.
+ *The partner is identified with the PartnerProfileId, and the AS2 process is identified with the LocalProfileId.
Creates the connector, which captures the parameters for an outbound connection for the + * AS2 protocol. The connector is required for sending files from a + * customer's non Amazon Web Services server.
+ */ + public createConnector( + args: CreateConnectorCommandInput, + options?: __HttpHandlerOptions + ): PromiseCreates the profile for the AS2 process. The agreement is between the partner and the AS2 + * process.
+ */ + public createProfile( + args: CreateProfileCommandInput, + options?: __HttpHandlerOptions + ): PromiseInstantiates an auto-scaling virtual server based on the selected file transfer protocol
* in Amazon Web Services. When you make updates to your file transfer protocol-enabled server or when you work
@@ -214,7 +423,7 @@ export class Transfer extends TransferClient {
* You can only create and associate users with servers that have the
* IdentityProviderType set to SERVICE_MANAGED. Using parameters for
* CreateUser, you can specify the user name, set the home directory, store the
- * user's public key, and assign the user's Amazon Web Services Identity and Access Management (IAM)
+ * user's public key, and assign the user's Identity and Access Management (IAM)
* role. You can also optionally add a session policy, and assign metadata with tags that can
* be used to group and search for users.
Delete the agreement that's specified in the provided AgreementId.
Deletes the certificate that's specified in the CertificateId
+ * parameter.
Deletes the agreement that's specified in the provided ConnectorId.
Deletes the profile that's specified in the ProfileId parameter.
Deletes the file transfer protocol-enabled server that you specify.
* @@ -436,7 +774,7 @@ export class Transfer extends TransferClient { /** *Describes the access that is assigned to the specific file transfer protocol-enabled
* server, as identified by its ServerId property and its
- * ExternalID.
ExternalId.
*
* The response from this call returns the properties of the access that is associated with
* the ServerId value that was specified.
Describes the agreement that's identified by the AgreementId.
Describes the certificate that's identified by the CertificateId.
Describes the connector that's identified by the ConnectorId.
+ *
You can use DescribeExecution to check the details of the execution of the specified workflow.
Returns the details of the profile that's specified by the ProfileId.
Describes the security policy that is attached to your file transfer protocol-enabled * server. The response contains a description of the security policy's properties. For more @@ -639,6 +1106,40 @@ export class Transfer extends TransferClient { } } + /** + *
Imports the signing and encryption certificates that you need to create local (AS2) + * profiles and partner + * profiles.
+ */ + public importCertificate( + args: ImportCertificateCommandInput, + options?: __HttpHandlerOptions + ): PromiseAdds a Secure Shell (SSH) public key to a user account identified by a
* UserName value assigned to the specific file transfer protocol-enabled server,
@@ -705,6 +1206,110 @@ export class Transfer extends TransferClient {
}
}
+ /**
+ *
Returns a list of the agreements for the server that's identified by the
+ * ServerId that you supply. If you want to limit the results to a certain number,
+ * supply a value for the MaxResults parameter. If you ran the command previously
+ * and received a value for NextToken, you can supply that value to continue listing
+ * agreements from where you left off.
Returns a list of the current certificates that have been imported into Transfer Family. If you want to
+ * limit the results to a certain number, supply a value for the MaxResults
+ * parameter. If you ran the command previously and received a value for the
+ * NextToken parameter, you can supply that value to continue listing certificates
+ * from where you left off.
Lists the connectors for the specified Region.
+ */ + public listConnectors( + args: ListConnectorsCommandInput, + options?: __HttpHandlerOptions + ): PromiseLists all executions for the specified workflow.
*/ @@ -737,6 +1342,38 @@ export class Transfer extends TransferClient { } } + /** + *Returns a list of the profiles for your system. If you want to limit the results to a
+ * certain number, supply a value for the MaxResults parameter. If you ran the
+ * command previously and received a value for NextToken, you can supply that value
+ * to continue listing profiles from where you left off.
Lists the security policies that are attached to your file transfer protocol-enabled * servers.
@@ -925,6 +1562,39 @@ export class Transfer extends TransferClient { } } + /** + *Begins an outbound file transfer. You specify the ConnectorId and the file
+ * paths for where to send the files.
Changes the state of a file transfer protocol-enabled server from OFFLINE to
* ONLINE. It has no impact on a server that is already ONLINE. An
@@ -966,7 +1636,7 @@ export class Transfer extends TransferClient {
* stopping your server.
Stopping the server will not reduce or impact your file transfer protocol endpoint + *
Stopping the server does not reduce or impact your file transfer protocol endpoint * billing; you must delete the server to stop being billed.
*Updates some of the parameters for an existing agreement. Provide the
+ * AgreementId and the ServerId for the agreement that you want to
+ * update, along with the new values for the parameters to update.
Updates the active and inactive dates for a certificate.
+ */ + public updateCertificate( + args: UpdateCertificateCommandInput, + options?: __HttpHandlerOptions + ): PromiseUpdates some of the parameters for an existing connector. Provide the
+ * ConnectorId for the connector that you want to update, along with the new
+ * values for the parameters to update.
Updates some of the parameters for an existing profile. Provide the ProfileId
+ * for the profile that you want to update, along with the new values for the parameters to
+ * update.
Updates the file transfer protocol-enabled server's properties after that server has * been created.
diff --git a/clients/client-transfer/src/TransferClient.ts b/clients/client-transfer/src/TransferClient.ts index 80bab50c6ad5..3b71666b0df7 100644 --- a/clients/client-transfer/src/TransferClient.ts +++ b/clients/client-transfer/src/TransferClient.ts @@ -54,16 +54,30 @@ import { } from "@aws-sdk/types"; import { CreateAccessCommandInput, CreateAccessCommandOutput } from "./commands/CreateAccessCommand"; +import { CreateAgreementCommandInput, CreateAgreementCommandOutput } from "./commands/CreateAgreementCommand"; +import { CreateConnectorCommandInput, CreateConnectorCommandOutput } from "./commands/CreateConnectorCommand"; +import { CreateProfileCommandInput, CreateProfileCommandOutput } from "./commands/CreateProfileCommand"; import { CreateServerCommandInput, CreateServerCommandOutput } from "./commands/CreateServerCommand"; import { CreateUserCommandInput, CreateUserCommandOutput } from "./commands/CreateUserCommand"; import { CreateWorkflowCommandInput, CreateWorkflowCommandOutput } from "./commands/CreateWorkflowCommand"; import { DeleteAccessCommandInput, DeleteAccessCommandOutput } from "./commands/DeleteAccessCommand"; +import { DeleteAgreementCommandInput, DeleteAgreementCommandOutput } from "./commands/DeleteAgreementCommand"; +import { DeleteCertificateCommandInput, DeleteCertificateCommandOutput } from "./commands/DeleteCertificateCommand"; +import { DeleteConnectorCommandInput, DeleteConnectorCommandOutput } from "./commands/DeleteConnectorCommand"; +import { DeleteProfileCommandInput, DeleteProfileCommandOutput } from "./commands/DeleteProfileCommand"; import { DeleteServerCommandInput, DeleteServerCommandOutput } from "./commands/DeleteServerCommand"; import { DeleteSshPublicKeyCommandInput, DeleteSshPublicKeyCommandOutput } from "./commands/DeleteSshPublicKeyCommand"; import { DeleteUserCommandInput, DeleteUserCommandOutput } from "./commands/DeleteUserCommand"; import { DeleteWorkflowCommandInput, DeleteWorkflowCommandOutput } from "./commands/DeleteWorkflowCommand"; import { DescribeAccessCommandInput, DescribeAccessCommandOutput } from "./commands/DescribeAccessCommand"; +import { DescribeAgreementCommandInput, DescribeAgreementCommandOutput } from "./commands/DescribeAgreementCommand"; +import { + DescribeCertificateCommandInput, + DescribeCertificateCommandOutput, +} from "./commands/DescribeCertificateCommand"; +import { DescribeConnectorCommandInput, DescribeConnectorCommandOutput } from "./commands/DescribeConnectorCommand"; import { DescribeExecutionCommandInput, DescribeExecutionCommandOutput } from "./commands/DescribeExecutionCommand"; +import { DescribeProfileCommandInput, DescribeProfileCommandOutput } from "./commands/DescribeProfileCommand"; import { DescribeSecurityPolicyCommandInput, DescribeSecurityPolicyCommandOutput, @@ -71,9 +85,14 @@ import { import { DescribeServerCommandInput, DescribeServerCommandOutput } from "./commands/DescribeServerCommand"; import { DescribeUserCommandInput, DescribeUserCommandOutput } from "./commands/DescribeUserCommand"; import { DescribeWorkflowCommandInput, DescribeWorkflowCommandOutput } from "./commands/DescribeWorkflowCommand"; +import { ImportCertificateCommandInput, ImportCertificateCommandOutput } from "./commands/ImportCertificateCommand"; import { ImportSshPublicKeyCommandInput, ImportSshPublicKeyCommandOutput } from "./commands/ImportSshPublicKeyCommand"; import { ListAccessesCommandInput, ListAccessesCommandOutput } from "./commands/ListAccessesCommand"; +import { ListAgreementsCommandInput, ListAgreementsCommandOutput } from "./commands/ListAgreementsCommand"; +import { ListCertificatesCommandInput, ListCertificatesCommandOutput } from "./commands/ListCertificatesCommand"; +import { ListConnectorsCommandInput, ListConnectorsCommandOutput } from "./commands/ListConnectorsCommand"; import { ListExecutionsCommandInput, ListExecutionsCommandOutput } from "./commands/ListExecutionsCommand"; +import { ListProfilesCommandInput, ListProfilesCommandOutput } from "./commands/ListProfilesCommand"; import { ListSecurityPoliciesCommandInput, ListSecurityPoliciesCommandOutput, @@ -89,6 +108,7 @@ import { SendWorkflowStepStateCommandInput, SendWorkflowStepStateCommandOutput, } from "./commands/SendWorkflowStepStateCommand"; +import { StartFileTransferCommandInput, StartFileTransferCommandOutput } from "./commands/StartFileTransferCommand"; import { StartServerCommandInput, StartServerCommandOutput } from "./commands/StartServerCommand"; import { StopServerCommandInput, StopServerCommandOutput } from "./commands/StopServerCommand"; import { TagResourceCommandInput, TagResourceCommandOutput } from "./commands/TagResourceCommand"; @@ -98,75 +118,121 @@ import { } from "./commands/TestIdentityProviderCommand"; import { UntagResourceCommandInput, UntagResourceCommandOutput } from "./commands/UntagResourceCommand"; import { UpdateAccessCommandInput, UpdateAccessCommandOutput } from "./commands/UpdateAccessCommand"; +import { UpdateAgreementCommandInput, UpdateAgreementCommandOutput } from "./commands/UpdateAgreementCommand"; +import { UpdateCertificateCommandInput, UpdateCertificateCommandOutput } from "./commands/UpdateCertificateCommand"; +import { UpdateConnectorCommandInput, UpdateConnectorCommandOutput } from "./commands/UpdateConnectorCommand"; +import { UpdateProfileCommandInput, UpdateProfileCommandOutput } from "./commands/UpdateProfileCommand"; import { UpdateServerCommandInput, UpdateServerCommandOutput } from "./commands/UpdateServerCommand"; import { UpdateUserCommandInput, UpdateUserCommandOutput } from "./commands/UpdateUserCommand"; import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig"; export type ServiceInputTypes = | CreateAccessCommandInput + | CreateAgreementCommandInput + | CreateConnectorCommandInput + | CreateProfileCommandInput | CreateServerCommandInput | CreateUserCommandInput | CreateWorkflowCommandInput | DeleteAccessCommandInput + | DeleteAgreementCommandInput + | DeleteCertificateCommandInput + | DeleteConnectorCommandInput + | DeleteProfileCommandInput | DeleteServerCommandInput | DeleteSshPublicKeyCommandInput | DeleteUserCommandInput | DeleteWorkflowCommandInput | DescribeAccessCommandInput + | DescribeAgreementCommandInput + | DescribeCertificateCommandInput + | DescribeConnectorCommandInput | DescribeExecutionCommandInput + | DescribeProfileCommandInput | DescribeSecurityPolicyCommandInput | DescribeServerCommandInput | DescribeUserCommandInput | DescribeWorkflowCommandInput + | ImportCertificateCommandInput | ImportSshPublicKeyCommandInput | ListAccessesCommandInput + | ListAgreementsCommandInput + | ListCertificatesCommandInput + | ListConnectorsCommandInput | ListExecutionsCommandInput + | ListProfilesCommandInput | ListSecurityPoliciesCommandInput | ListServersCommandInput | ListTagsForResourceCommandInput | ListUsersCommandInput | ListWorkflowsCommandInput | SendWorkflowStepStateCommandInput + | StartFileTransferCommandInput | StartServerCommandInput | StopServerCommandInput | TagResourceCommandInput | TestIdentityProviderCommandInput | UntagResourceCommandInput | UpdateAccessCommandInput + | UpdateAgreementCommandInput + | UpdateCertificateCommandInput + | UpdateConnectorCommandInput + | UpdateProfileCommandInput | UpdateServerCommandInput | UpdateUserCommandInput; export type ServiceOutputTypes = | CreateAccessCommandOutput + | CreateAgreementCommandOutput + | CreateConnectorCommandOutput + | CreateProfileCommandOutput | CreateServerCommandOutput | CreateUserCommandOutput | CreateWorkflowCommandOutput | DeleteAccessCommandOutput + | DeleteAgreementCommandOutput + | DeleteCertificateCommandOutput + | DeleteConnectorCommandOutput + | DeleteProfileCommandOutput | DeleteServerCommandOutput | DeleteSshPublicKeyCommandOutput | DeleteUserCommandOutput | DeleteWorkflowCommandOutput | DescribeAccessCommandOutput + | DescribeAgreementCommandOutput + | DescribeCertificateCommandOutput + | DescribeConnectorCommandOutput | DescribeExecutionCommandOutput + | DescribeProfileCommandOutput | DescribeSecurityPolicyCommandOutput | DescribeServerCommandOutput | DescribeUserCommandOutput | DescribeWorkflowCommandOutput + | ImportCertificateCommandOutput | ImportSshPublicKeyCommandOutput | ListAccessesCommandOutput + | ListAgreementsCommandOutput + | ListCertificatesCommandOutput + | ListConnectorsCommandOutput | ListExecutionsCommandOutput + | ListProfilesCommandOutput | ListSecurityPoliciesCommandOutput | ListServersCommandOutput | ListTagsForResourceCommandOutput | ListUsersCommandOutput | ListWorkflowsCommandOutput | SendWorkflowStepStateCommandOutput + | StartFileTransferCommandOutput | StartServerCommandOutput | StopServerCommandOutput | TagResourceCommandOutput | TestIdentityProviderCommandOutput | UntagResourceCommandOutput | UpdateAccessCommandOutput + | UpdateAgreementCommandOutput + | UpdateCertificateCommandOutput + | UpdateConnectorCommandOutput + | UpdateProfileCommandOutput | UpdateServerCommandOutput | UpdateUserCommandOutput; @@ -324,15 +390,15 @@ type TransferClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHand export interface TransferClientResolvedConfig extends TransferClientResolvedConfigType {} /** - *Amazon Web Services Transfer Family is a fully managed service that enables the transfer of files over the - * File Transfer Protocol (FTP), File Transfer Protocol over SSL (FTPS), or Secure Shell (SSH) - * File Transfer Protocol (SFTP) directly into and out of Amazon Simple Storage Service (Amazon - * S3). Amazon Web Services helps you seamlessly migrate your file transfer workflows to Amazon Web Services Transfer Family by - * integrating with existing authentication systems, and providing DNS routing with Amazon Route - * 53 so nothing changes for your customers and partners, or their applications. With your data - * in Amazon S3, you can use it with Amazon Web Services services for processing, analytics, machine learning, - * and archiving. Getting started with Amazon Web Services Transfer Family is easy since there is no - * infrastructure to buy and set up.
+ *Transfer Family is a fully managed service that enables the transfer of files over the File + * Transfer Protocol (FTP), File Transfer Protocol over SSL (FTPS), or Secure Shell (SSH) File + * Transfer Protocol (SFTP) directly into and out of Amazon Simple Storage Service (Amazon S3). + * Amazon Web Services helps you seamlessly migrate your file transfer workflows to Transfer Family by integrating + * with existing authentication systems, and providing DNS routing with Amazon Route 53 so + * nothing changes for your customers and partners, or their applications. With your data in + * Amazon S3, you can use it with Amazon Web Services for processing, analytics, machine learning, and + * archiving. Getting started with Transfer Family is easy since there is no infrastructure to buy and + * set up.
*/ export class TransferClient extends __Client< __HttpHandlerOptions, diff --git a/clients/client-transfer/src/commands/CreateAccessCommand.ts b/clients/client-transfer/src/commands/CreateAccessCommand.ts index 03a4a2675e49..4ca4293c6f23 100644 --- a/clients/client-transfer/src/commands/CreateAccessCommand.ts +++ b/clients/client-transfer/src/commands/CreateAccessCommand.ts @@ -29,7 +29,7 @@ export interface CreateAccessCommandOutput extends CreateAccessResponse, __Metad /** *Used by administrators to choose which groups in the directory should have access to
- * upload and download files over the enabled protocols using Amazon Web Services Transfer Family. For example, a
+ * upload and download files over the enabled protocols using Transfer Family. For example, a
* Microsoft Active Directory might contain 50,000 users, but only a small fraction might need
* the ability to transfer files to the server. An administrator can use
* CreateAccess to limit the access to the correct set of users who need this
diff --git a/clients/client-transfer/src/commands/CreateAgreementCommand.ts b/clients/client-transfer/src/commands/CreateAgreementCommand.ts
new file mode 100644
index 000000000000..b7c8b1ab3216
--- /dev/null
+++ b/clients/client-transfer/src/commands/CreateAgreementCommand.ts
@@ -0,0 +1,106 @@
+// smithy-typescript generated code
+import { getSerdePlugin } from "@aws-sdk/middleware-serde";
+import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http";
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import {
+ FinalizeHandlerArguments,
+ Handler,
+ HandlerExecutionContext,
+ HttpHandlerOptions as __HttpHandlerOptions,
+ MetadataBearer as __MetadataBearer,
+ MiddlewareStack,
+ SerdeContext as __SerdeContext,
+} from "@aws-sdk/types";
+
+import {
+ CreateAgreementRequest,
+ CreateAgreementRequestFilterSensitiveLog,
+ CreateAgreementResponse,
+ CreateAgreementResponseFilterSensitiveLog,
+} from "../models/models_0";
+import {
+ deserializeAws_json1_1CreateAgreementCommand,
+ serializeAws_json1_1CreateAgreementCommand,
+} from "../protocols/Aws_json1_1";
+import { ServiceInputTypes, ServiceOutputTypes, TransferClientResolvedConfig } from "../TransferClient";
+
+export interface CreateAgreementCommandInput extends CreateAgreementRequest {}
+export interface CreateAgreementCommandOutput extends CreateAgreementResponse, __MetadataBearer {}
+
+/**
+ *
Creates an agreement. An agreement is a bilateral trading partner agreement, or partnership, + * between an Transfer Family server and an AS2 process. The agreement defines the file and message + * transfer relationship between the server and the AS2 process. To define an agreement, Transfer Family + * combines a server, local profile, partner profile, certificate, and other + * attributes.
+ *The partner is identified with the PartnerProfileId, and the AS2 process is identified with the LocalProfileId.
Creates the connector, which captures the parameters for an outbound connection for the + * AS2 protocol. The connector is required for sending files from a + * customer's non Amazon Web Services server.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { TransferClient, CreateConnectorCommand } from "@aws-sdk/client-transfer"; // ES Modules import + * // const { TransferClient, CreateConnectorCommand } = require("@aws-sdk/client-transfer"); // CommonJS import + * const client = new TransferClient(config); + * const command = new CreateConnectorCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CreateConnectorCommandInput} for command's `input` shape. + * @see {@link CreateConnectorCommandOutput} for command's `response` shape. + * @see {@link TransferClientResolvedConfig | config} for TransferClient's `config` shape. + * + */ +export class CreateConnectorCommand extends $Command< + CreateConnectorCommandInput, + CreateConnectorCommandOutput, + TransferClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CreateConnectorCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackCreates the profile for the AS2 process. The agreement is between the partner and the AS2 + * process.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { TransferClient, CreateProfileCommand } from "@aws-sdk/client-transfer"; // ES Modules import + * // const { TransferClient, CreateProfileCommand } = require("@aws-sdk/client-transfer"); // CommonJS import + * const client = new TransferClient(config); + * const command = new CreateProfileCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CreateProfileCommandInput} for command's `input` shape. + * @see {@link CreateProfileCommandOutput} for command's `response` shape. + * @see {@link TransferClientResolvedConfig | config} for TransferClient's `config` shape. + * + */ +export class CreateProfileCommand extends $Command< + CreateProfileCommandInput, + CreateProfileCommandOutput, + TransferClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CreateProfileCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackIdentityProviderType set to SERVICE_MANAGED. Using parameters for
* CreateUser, you can specify the user name, set the home directory, store the
- * user's public key, and assign the user's Amazon Web Services Identity and Access Management (IAM)
+ * user's public key, and assign the user's Identity and Access Management (IAM)
* role. You can also optionally add a session policy, and assign metadata with tags that can
* be used to group and search for users.
* @example
diff --git a/clients/client-transfer/src/commands/DeleteAgreementCommand.ts b/clients/client-transfer/src/commands/DeleteAgreementCommand.ts
new file mode 100644
index 000000000000..149c951eed2c
--- /dev/null
+++ b/clients/client-transfer/src/commands/DeleteAgreementCommand.ts
@@ -0,0 +1,96 @@
+// smithy-typescript generated code
+import { getSerdePlugin } from "@aws-sdk/middleware-serde";
+import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http";
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import {
+ FinalizeHandlerArguments,
+ Handler,
+ HandlerExecutionContext,
+ HttpHandlerOptions as __HttpHandlerOptions,
+ MetadataBearer as __MetadataBearer,
+ MiddlewareStack,
+ SerdeContext as __SerdeContext,
+} from "@aws-sdk/types";
+
+import { DeleteAgreementRequest, DeleteAgreementRequestFilterSensitiveLog } from "../models/models_0";
+import {
+ deserializeAws_json1_1DeleteAgreementCommand,
+ serializeAws_json1_1DeleteAgreementCommand,
+} from "../protocols/Aws_json1_1";
+import { ServiceInputTypes, ServiceOutputTypes, TransferClientResolvedConfig } from "../TransferClient";
+
+export interface DeleteAgreementCommandInput extends DeleteAgreementRequest {}
+export interface DeleteAgreementCommandOutput extends __MetadataBearer {}
+
+/**
+ * Delete the agreement that's specified in the provided AgreementId.
Deletes the certificate that's specified in the CertificateId
+ * parameter.
Deletes the agreement that's specified in the provided ConnectorId.
Deletes the profile that's specified in the ProfileId parameter.
Describes the access that is assigned to the specific file transfer protocol-enabled
* server, as identified by its ServerId property and its
- * ExternalID.
ExternalId.
*
* The response from this call returns the properties of the access that is associated with
* the ServerId value that was specified.
Describes the agreement that's identified by the AgreementId.
Describes the certificate that's identified by the CertificateId.
Describes the connector that's identified by the ConnectorId.
+ *
Returns the details of the profile that's specified by the ProfileId.
Imports the signing and encryption certificates that you need to create local (AS2) + * profiles and partner + * profiles.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { TransferClient, ImportCertificateCommand } from "@aws-sdk/client-transfer"; // ES Modules import + * // const { TransferClient, ImportCertificateCommand } = require("@aws-sdk/client-transfer"); // CommonJS import + * const client = new TransferClient(config); + * const command = new ImportCertificateCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ImportCertificateCommandInput} for command's `input` shape. + * @see {@link ImportCertificateCommandOutput} for command's `response` shape. + * @see {@link TransferClientResolvedConfig | config} for TransferClient's `config` shape. + * + */ +export class ImportCertificateCommand extends $Command< + ImportCertificateCommandInput, + ImportCertificateCommandOutput, + TransferClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: ImportCertificateCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackReturns a list of the agreements for the server that's identified by the
+ * ServerId that you supply. If you want to limit the results to a certain number,
+ * supply a value for the MaxResults parameter. If you ran the command previously
+ * and received a value for NextToken, you can supply that value to continue listing
+ * agreements from where you left off.
Returns a list of the current certificates that have been imported into Transfer Family. If you want to
+ * limit the results to a certain number, supply a value for the MaxResults
+ * parameter. If you ran the command previously and received a value for the
+ * NextToken parameter, you can supply that value to continue listing certificates
+ * from where you left off.
Lists the connectors for the specified Region.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { TransferClient, ListConnectorsCommand } from "@aws-sdk/client-transfer"; // ES Modules import + * // const { TransferClient, ListConnectorsCommand } = require("@aws-sdk/client-transfer"); // CommonJS import + * const client = new TransferClient(config); + * const command = new ListConnectorsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListConnectorsCommandInput} for command's `input` shape. + * @see {@link ListConnectorsCommandOutput} for command's `response` shape. + * @see {@link TransferClientResolvedConfig | config} for TransferClient's `config` shape. + * + */ +export class ListConnectorsCommand extends $Command< + ListConnectorsCommandInput, + ListConnectorsCommandOutput, + TransferClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: ListConnectorsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackReturns a list of the profiles for your system. If you want to limit the results to a
+ * certain number, supply a value for the MaxResults parameter. If you ran the
+ * command previously and received a value for NextToken, you can supply that value
+ * to continue listing profiles from where you left off.
Begins an outbound file transfer. You specify the ConnectorId and the file
+ * paths for where to send the files.
Stopping the server will not reduce or impact your file transfer protocol endpoint + *
Stopping the server does not reduce or impact your file transfer protocol endpoint * billing; you must delete the server to stop being billed.
*Updates some of the parameters for an existing agreement. Provide the
+ * AgreementId and the ServerId for the agreement that you want to
+ * update, along with the new values for the parameters to update.
Updates the active and inactive dates for a certificate.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { TransferClient, UpdateCertificateCommand } from "@aws-sdk/client-transfer"; // ES Modules import + * // const { TransferClient, UpdateCertificateCommand } = require("@aws-sdk/client-transfer"); // CommonJS import + * const client = new TransferClient(config); + * const command = new UpdateCertificateCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateCertificateCommandInput} for command's `input` shape. + * @see {@link UpdateCertificateCommandOutput} for command's `response` shape. + * @see {@link TransferClientResolvedConfig | config} for TransferClient's `config` shape. + * + */ +export class UpdateCertificateCommand extends $Command< + UpdateCertificateCommandInput, + UpdateCertificateCommandOutput, + TransferClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: UpdateCertificateCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackUpdates some of the parameters for an existing connector. Provide the
+ * ConnectorId for the connector that you want to update, along with the new
+ * values for the parameters to update.
Updates some of the parameters for an existing profile. Provide the ProfileId
+ * for the profile that you want to update, along with the new values for the parameters to
+ * update.
Contains the details for a connector object. The connector object is used for AS2 outbound + * processes, to connect the Transfer Family customer with the trading partner.
+ */ +export interface As2ConnectorConfig { + /** + *A unique identifier for the AS2 process.
+ */ + LocalProfileId?: string; + + /** + *A unique identifier for the partner for the connector.
+ */ + PartnerProfileId?: string; + + /** + *A short description to help identify the connector.
+ */ + MessageSubject?: string; + + /** + *Specifies whether the AS2 file is compressed.
+ */ + Compression?: CompressionEnum | string; + + /** + *The algorithm that is used to encrypt the file.
+ */ + EncryptionAlgorithm?: EncryptionAlg | string; + + /** + *The algorithm that is used to sign the AS2 transfers for this partner profile.
+ */ + SigningAlgorithm?: SigningAlg | string; + + /** + *The signing algorithm for the MDN response.
+ */ + MdnSigningAlgorithm?: MdnSigningAlg | string; + + /** + *Used for outbound requests (from an Transfer Family server to a partner AS2 server) to determine whether + * the partner response for transfers is synchronous or asynchronous. Specify either of the following values:
+ *
+ * SYNC: The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).
+ * NONE: Specifies that no MDN response is required.
This exception is thrown when the UpdateServer is called for a file transfer
* protocol-enabled server that has VPC as the endpoint type and the server's
@@ -85,7 +200,7 @@ export interface S3InputFileLocation {
Bucket?: string;
/**
- *
The name assigned to the file when it was created in S3. You use the object key to retrieve the object.
+ *The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.
*/ Key?: string; } @@ -206,10 +321,10 @@ export interface CreateAccessRequest { HomeDirectory?: string; /** - *The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.
The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.
Entry and Target pair, where Entry shows how the path
* is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you
- * only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity
- * and Access Management (IAM) role provides access to paths in Target. This value
- * can only be set when HomeDirectoryType is set to
+ * only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)
+ * role provides access to paths in Target. This value
+ * can be set only when HomeDirectoryType is set to
* LOGICAL.
* The following is an Entry and Target pair example.
@@ -238,18 +353,18 @@ export interface CreateAccessRequest { HomeDirectoryMappings?: HomeDirectoryMapEntry[]; /** - *
A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user + *
A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's
* access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},
* ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
This only applies when the domain of ServerId is S3. EFS does not use session policies.
For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead + *
This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.
For session policies, Transfer Family stores the policy as a JSON blob, instead
* of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass
* it in the Policy argument.
For an example of a session policy, see Example * session policy.
- *For more information, see AssumeRole in the Amazon Web Services Security Token Service API + *
For more information, see AssumeRole in the Security Token Service API * Reference.
*Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS - * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring - * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the - * server to access your resources when servicing your users' transfer requests.
+ *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 + * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users + * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust + * relationship that allows the server to access your resources when servicing your users' transfer requests.
*/ Role: string | undefined; @@ -280,7 +395,7 @@ export interface CreateAccessRequest { /** *A unique identifier that is required to identify specific groups within your directory. * The users of the group that you associate have access to your Amazon S3 or Amazon EFS - * resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, + * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.
* *@@ -289,7 +404,7 @@ export interface CreateAccessRequest { * *
In that command, replace YourGroupName with the name of your Active Directory group.
* - *The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. + *
The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-
*/ ExternalId: string | undefined; @@ -303,7 +418,7 @@ export interface CreateAccessResponse { /** *The external ID of the group whose users have access to your Amazon S3 or Amazon EFS - * resources over the enabled protocols using Amazon Web Services Transfer Family.
+ * resources over the enabled protocols using Transfer Family. */ ExternalId: string | undefined; } @@ -422,6 +537,165 @@ export class ServiceUnavailableException extends __BaseException { } } +/** + *Creates a key-value pair for a specific resource. Tags are metadata that you can use to
+ * search for and group a resource for various purposes. You can apply tags to servers, users,
+ * and roles. A tag key can take more than one value. For example, to group servers for
+ * accounting purposes, you might create a tag called Group and assign the values
+ * Research and Accounting to that group.
The name assigned to the tag that you create.
+ */ + Key: string | undefined; + + /** + *Contains one or more values that you assigned to the key name you create.
+ */ + Value: string | undefined; +} + +export interface CreateAgreementRequest { + /** + *A name or short description to identify the agreement.
+ */ + Description?: string; + + /** + *A system-assigned unique identifier for a server instance. This is the specific server + * that the agreement uses.
+ */ + ServerId: string | undefined; + + /** + *A unique identifier for the AS2 local profile.
+ */ + LocalProfileId: string | undefined; + + /** + *A unique identifier for the partner profile used in the agreement.
+ */ + PartnerProfileId: string | undefined; + + /** + *The landing directory (folder) for files transferred by using the AS2 protocol.
+ *A BaseDirectory example is
+ * /DOC-EXAMPLE-BUCKET/home/mydirectory
+ * .
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that grants access to at least the
+ * HomeDirectory of your users' Amazon S3 buckets.
The status of the agreement. The agreement can be either ACTIVE or
+ * INACTIVE.
Key-value pairs that can be used to group and search for agreements.
+ */ + Tags?: Tag[]; +} + +export interface CreateAgreementResponse { + /** + *The unique identifier for the agreement. Use this ID for deleting, or updating an + * agreement, as well as in any other API calls that require that you specify the agreement + * ID.
+ */ + AgreementId: string | undefined; +} + +export interface CreateConnectorRequest { + /** + *The URL of the partner's AS2 endpoint.
+ */ + Url: string | undefined; + + /** + *A structure that contains the parameters for a connector object.
+ */ + As2Config: As2ConnectorConfig | undefined; + + /** + *With AS2, you can send files by calling StartFileTransfer and specifying the
+ * file paths in the request parameter, SendFilePaths. We use the file’s parent
+ * directory (for example, for --send-file-paths /bucket/dir/file.txt, parent
+ * directory is /bucket/dir/) to temporarily store a processed AS2 message file,
+ * store the MDN when we receive them from the partner, and write a final JSON file containing
+ * relevant metadata of the transmission. So, the AccessRole needs to provide read
+ * and write access to the parent directory of the file location used in the
+ * StartFileTransfer request. Additionally, you need to provide read and write
+ * access to the parent directory of the files that you intend to send with
+ * StartFileTransfer.
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a connector to turn + * on CloudWatch logging for Amazon S3 events. When set, you can view connector + * activity in your CloudWatch logs.
+ */ + LoggingRole?: string; + + /** + *Key-value pairs that can be used to group and search for connectors. Tags are metadata attached to connectors for any purpose.
+ */ + Tags?: Tag[]; +} + +export interface CreateConnectorResponse { + /** + *The unique identifier for the connector, returned after the API call succeeds.
+ */ + ConnectorId: string | undefined; +} + +export enum ProfileType { + LOCAL = "LOCAL", + PARTNER = "PARTNER", +} + +export interface CreateProfileRequest { + /** + *The As2Id is the AS2-name, as defined in the defined in
+ * the RFC 4130. For inbound transfers, this is the AS2-From header for the AS2 messages
+ * sent from the partner. For outbound connectors, this is the AS2-To header for the
+ * AS2 messages sent to the partner using the StartFileTransfer API operation. This ID cannot include spaces.
Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.
+ * If not supplied in the request, the command lists all types of profiles.
An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
+ */ + CertificateIds?: string[]; + + /** + *Key-value pairs that can be used to group and search for AS2 profiles.
+ */ + Tags?: Tag[]; +} + +export interface CreateProfileResponse { + /** + *The unique identifier for the AS2 profile, returned after the API call succeeds.
+ */ + ProfileId: string | undefined; +} + export enum Domain { EFS = "EFS", S3 = "S3", @@ -532,7 +806,7 @@ export interface IdentityProviderDetails { InvocationRole?: string; /** - *The identifier of the Amazon Web Services Directory Service directory that you want to stop sharing.
+ *The identifier of the Directory Service directory that you want to stop sharing.
*/ DirectoryId?: string; @@ -632,35 +906,22 @@ export interface ProtocolDetails { * */ SetStatOption?: SetStatOption | string; + + /** + *Indicates the transport method for the AS2 messages. Currently, only HTTP is supported.
+ */ + As2Transports?: (As2Transport | string)[]; } export enum Protocol { + AS2 = "AS2", FTP = "FTP", FTPS = "FTPS", SFTP = "SFTP", } /** - *Creates a key-value pair for a specific resource. Tags are metadata that you can use to
- * search for and group a resource for various purposes. You can apply tags to servers, users,
- * and roles. A tag key can take more than one value. For example, to group servers for
- * accounting purposes, you might create a tag called Group and assign the values
- * Research and Accounting to that group.
The name assigned to the tag that you create.
- */ - Key: string | undefined; - - /** - *Contains one or more values that you assigned to the key name you create.
- */ - Value: string | undefined; -} - -/** - *Specifies the workflow ID for the workflow to assign and the execution role used for executing the workflow.
+ *Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.
*/ export interface WorkflowDetail { /** @@ -692,17 +953,17 @@ export interface WorkflowDetails { export interface CreateServerRequest { /** - *The Amazon Resource Name (ARN) of the Amazon Web Services Certificate Manager (ACM) certificate. Required + *
The Amazon Resource Name (ARN) of the Certificate Manager (ACM) certificate. Required
* when Protocols is set to FTPS.
To request a new public certificate, see Request a public certificate - * in the Amazon Web Services Certificate Manager User Guide.
+ * in the Certificate Manager User Guide. * *To import an existing certificate into ACM, see Importing certificates into ACM - * in the Amazon Web Services Certificate Manager User Guide.
+ * in the Certificate Manager User Guide. * *To request a private certificate to use FTPS through private IP addresses, see Request a - * private certificate in the Amazon Web Services Certificate Manager User + * private certificate in the Certificate Manager User * Guide.
* *Certificates with the following cryptographic algorithms and key sizes are @@ -746,8 +1007,8 @@ export interface CreateServerRequest { /** *
The virtual private cloud (VPC) endpoint settings that are configured for your server. - * When you host your endpoint within your VPC, you can make it accessible only to resources - * within your VPC, or you can attach Elastic IP addresses and make it accessible to clients over + * When you host your endpoint within your VPC, you can make your endpoint accessible only to resources + * within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over * the internet. Your VPC's default security groups are automatically assigned to your * endpoint.
*/ @@ -782,7 +1043,7 @@ export interface CreateServerRequest { *Use the following command to generate an RSA 2048 bit key with no passphrase:
*
* ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key.
Use a minimum value of 2048 for the -b option: you can create a stronger key using 3072 or 4096.
Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.
Use the following command to generate an ECDSA 256 bit key with no passphrase:
*@@ -803,8 +1064,7 @@ export interface CreateServerRequest { * * * - *
For more information, see Change the host key for your SFTP-enabled server in the Amazon Web Services Transfer - * Family User Guide.
+ *For more information, see Change the host key for your SFTP-enabled server in the Transfer Family User Guide.
*/ HostKey?: string; @@ -818,30 +1078,31 @@ export interface CreateServerRequest { IdentityProviderDetails?: IdentityProviderDetails; /** - *Specifies the mode of authentication for a server. The default value is + *
The mode of authentication for a server. The default value is
* SERVICE_MANAGED, which allows you to store and access user credentials within
- * the Amazon Web Services Transfer Family service.
Use AWS_DIRECTORY_SERVICE to provide access to
- * Active Directory groups in Amazon Web Services Managed Active Directory or Microsoft Active Directory in your
- * on-premises environment or in Amazon Web Services using AD Connectors. This option also requires you to
- * provide a Directory ID using the IdentityProviderDetails parameter.
IdentityProviderDetails parameter.
* Use the API_GATEWAY value to integrate with an identity provider of your choosing. The
- * API_GATEWAY setting requires you to provide an API Gateway endpoint URL to call
- * for authentication using the IdentityProviderDetails parameter.
Use the AWS_LAMBDA value to directly use a Lambda function as your identity provider. If you choose this value,
- * you must specify the ARN for the lambda function in the Function parameter for the IdentityProviderDetails data type.
API_GATEWAY setting requires you to provide an Amazon API Gateway endpoint URL to call
+ * for authentication by using the IdentityProviderDetails parameter.
+ * Use the AWS_LAMBDA value to directly use an Lambda function as your identity provider.
+ * If you choose this value, you must specify the ARN for the Lambda function in the Function parameter
+ * or the IdentityProviderDetails data type.
Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn - * on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in + *
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn + * on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in * your CloudWatch logs.
*/ LoggingRole?: string; /** - *Specify a string to display when users connect to a server. This string is displayed after the user authenticates.
+ *Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.
*The SFTP protocol does not support post-authentication display banners.
*Specify a string to display when users connect to a server. This string is displayed before the user authenticates. - * For example, the following banner displays details about using the system.
+ *Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. + * For example, the following banner displays details about using the system:
+ * *
*
*
+ * If you select If If If you select If If If If If
- * Use the Use the To ignore the error that is generated when the client attempts to use the To determine whether your Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the
+ * Use the
+ * Specifies the workflow ID for the workflow to assign and the execution role used for executing the workflow. Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow. The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to This system is for the use of authorized users only. Individuals using this computer system without authority,
* or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by
@@ -878,23 +1140,38 @@ export interface CreateServerRequest {
* FTP (File Transfer Protocol): Unencrypted file transferAS2 (Applicability Statement 2): used for transporting structured business-to-business dataFTPS, you must choose a certificate stored in Amazon Web Services Certificate
- * Manager (ACM) which is used to identify your server when clients connect to it over
- * FTPS.Protocol includes either FTP or FTPS, then the
- * EndpointType must be VPC and the
- * IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.Protocol includes FTP, then
+ *
+ *
* FTPS, you must choose a certificate stored in Certificate Manager (ACM)
+ * which is used to identify your server when clients connect to it over
+ * FTPS.Protocol includes either FTP or FTPS, then the
+ * EndpointType must be VPC and the
+ * IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.Protocol includes FTP, then
* AddressAllocationIds cannot be associated.Protocol is set only to SFTP, the EndpointType
- * can be set to PUBLIC and the IdentityProviderType can be set to
- * SERVICE_MANAGED.Protocol is set only to SFTP, the EndpointType
+ * can be set to PUBLIC and the IdentityProviderType can be set to
+ * SERVICE_MANAGED.Protocol includes AS2, then the
+ * EndpointType must be VPC, and domain must be Amazon S3.
*
*/
@@ -933,7 +1216,7 @@ export interface CreateServerRequest {
Tags?: Tag[];
/**
- * PassiveIp parameter to indicate passive mode (for FTP and FTPS protocols).
+ * To indicate passive mode (for FTP and FTPS protocols), use the PassiveIp parameter.
* Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.
* SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.
- * Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client.
- * Note that with SetStatOption set to ENABLE_NO_OP, Transfer generates a log entry to CloudWatch Logs, so you can determine when the client
- * is making a SETSTAT call.SETSTAT command on a file that you are
+ * uploading to an Amazon S3 bucket, use the SetStatOption parameter. To have the Transfer Family server ignore the
+ * SETSTAT command and upload files without needing to make any changes to your SFTP client, set the value to
+ * ENABLE_NO_OP. If you set the SetStatOption parameter to ENABLE_NO_OP, Transfer Family
+ * generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a SETSTAT
+ * call.TlsSessionResumptionMode parameter.TlsSessionResumptionMode parameter to determine whether or not your Transfer server
- * resumes recent, negotiated sessions through a unique session ID.As2Transports indicates the transport method for the AS2 messages. Currently, only HTTP is supported.PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.Entry and Target pair, where Entry shows how the path
* is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you
- * only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity
- * and Access Management (IAM) role provides access to paths in Target. This value
- * can only be set when HomeDirectoryType is set to
+ * only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)
+ * role provides access to paths in Target. This value
+ * can be set only when HomeDirectoryType is set to
* LOGICAL.
The following is an Entry and Target pair example.
A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user + *
A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's
* access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},
* ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
This only applies when the domain of ServerId is S3. EFS does not use session policies.
For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead + *
This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.
For session policies, Transfer Family stores the policy as a JSON blob, instead
* of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass
* it in the Policy argument.
Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS - * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring - * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the - * server to access your resources when servicing your users' transfer requests.
+ *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 + * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users + * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust + * relationship that allows the server to access your resources when servicing your users' transfer requests.
*/ Role: string | undefined; @@ -1217,19 +1500,19 @@ export interface WorkflowStep { *- * COPY: copy the file to another location
+ * COPY: Copy the file to another location. *- * CUSTOM: custom step with a lambda target
+ * CUSTOM: Perform a custom step with an Lambda function target. *- * DELETE: delete the file
+ * DELETE: Delete the file. *- * TAG: add a tag to the file
+ * TAG: Add a tag to the file. *- * COPY: copy the file to another location
+ * COPY: Copy the file to another location. *- * CUSTOM: custom step with a lambda target
+ * CUSTOM: Perform a custom step with an Lambda function target. *- * DELETE: delete the file
+ * DELETE: Delete the file. *- * TAG: add a tag to the file
+ * TAG: Add a tag to the file. *- * For file location, you specify either the S3 bucket and key, or the EFS filesystem ID and path. - *
+ *For file location, you specify either the S3 bucket and key, or the EFS file system ID + * and path.
*/ Steps: WorkflowStep[] | undefined; @@ -1353,7 +1635,7 @@ export interface DeleteAccessRequest { /** *A unique identifier that is required to identify specific groups within your directory. * The users of the group that you associate have access to your Amazon S3 or Amazon EFS - * resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, + * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.
* *@@ -1362,12 +1644,45 @@ export interface DeleteAccessRequest { * *
In that command, replace YourGroupName with the name of your Active Directory group.
* - *The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. + *
The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-
*/ ExternalId: string | undefined; } +export interface DeleteAgreementRequest { + /** + *A unique identifier for the agreement. This identifier is returned when you create an agreement.
+ */ + AgreementId: string | undefined; + + /** + *The server ID associated with the agreement that you are deleting.
+ */ + ServerId: string | undefined; +} + +export interface DeleteCertificateRequest { + /** + *The ID of the certificate object that you are deleting.
+ */ + CertificateId: string | undefined; +} + +export interface DeleteConnectorRequest { + /** + *The unique identifier for the connector.
+ */ + ConnectorId: string | undefined; +} + +export interface DeleteProfileRequest { + /** + *The ID of the profile that you are deleting.
+ */ + ProfileId: string | undefined; +} + export interface DeleteServerRequest { /** *A unique system-assigned identifier for a server instance.
@@ -1422,7 +1737,7 @@ export interface DescribeAccessRequest { /** *A unique identifier that is required to identify specific groups within your directory. * The users of the group that you associate have access to your Amazon S3 or Amazon EFS - * resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, + * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.
* *@@ -1431,7 +1746,7 @@ export interface DescribeAccessRequest { * *
In that command, replace YourGroupName with the name of your Active Directory group.
* - *The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. + *
The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-
*/ ExternalId: string | undefined; @@ -1452,9 +1767,9 @@ export interface DescribedAccess { * be visible to your user and how you want to make them visible. You must specify the *Entry and Target pair, where Entry shows how the path
* is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you
- * only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity
- * and Access Management (IAM) role provides access to paths in Target. This value
- * can only be set when HomeDirectoryType is set to
+ * only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)
+ * role provides access to paths in Target. This value
+ * can be set only when HomeDirectoryType is set to
* LOGICAL.
*
* In most cases, you can use this value instead of the session policy to lock down the @@ -1465,15 +1780,15 @@ export interface DescribedAccess { HomeDirectoryMappings?: HomeDirectoryMapEntry[]; /** - *
The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.
The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.
A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user + *
A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's
* access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},
* ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS - * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring - * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the - * server to access your resources when servicing your users' transfer requests.
+ *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 + * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users + * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust + * relationship that allows the server to access your resources when servicing your users' transfer requests.
*/ Role?: string; /** *A unique identifier that is required to identify specific groups within your directory. * The users of the group that you associate have access to your Amazon S3 or Amazon EFS - * resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, + * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.
* *@@ -1508,7 +1823,7 @@ export interface DescribedAccess { * *
In that command, replace YourGroupName with the name of your Active Directory group.
* - *The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. + *
The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-
*/ ExternalId?: string; @@ -1526,65 +1841,303 @@ export interface DescribeAccessResponse { Access: DescribedAccess | undefined; } +export interface DescribeAgreementRequest { + /** + *A unique identifier for the agreement. This identifier is returned when you create an agreement.
+ */ + AgreementId: string | undefined; + + /** + *The server ID that's associated with the agreement.
+ */ + ServerId: string | undefined; +} + /** - *Specifies the details for the file location for the file being used in the workflow. Only applicable if you are using S3 storage.
+ *Describes the properties of an agreement.
*/ -export interface S3FileLocation { +export interface DescribedAgreement { /** - *Specifies the S3 bucket that contains the file being used.
+ *The unique Amazon Resource Name (ARN) for the agreement.
*/ - Bucket?: string; + Arn: string | undefined; /** - *The name assigned to the file when it was created in S3. You use the object key to retrieve the object.
+ *A unique identifier for the agreement. This identifier is returned when you create an agreement.
*/ - Key?: string; + AgreementId?: string; /** - *Specifies the file version.
+ *The name or short description that's used to identify the agreement.
*/ - VersionId?: string; + Description?: string; /** - *The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object, not its metadata.
+ *The current status of the agreement, either ACTIVE or
+ * INACTIVE.
Specifies the Amazon S3 or EFS file details to be used in the step.
- */ -export interface FileLocation { /** - *Specifies the S3 details for the file being used, such as bucket, Etag, and so forth.
+ *A system-assigned unique identifier for a server instance. This identifier indicates the + * specific server that the agreement uses.
*/ - S3FileLocation?: S3FileLocation; + ServerId?: string; /** - *Specifies the Amazon EFS ID and the path for the file being used.
+ *A unique identifier for the AS2 process.
*/ - EfsFileLocation?: EfsFileLocation; -} + LocalProfileId?: string; -/** - *Consists of the logging role and the log group name.
- */ -export interface LoggingConfiguration { /** - *Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn - * on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in - * your CloudWatch logs.
+ *A unique identifier for the partner in the agreement.
*/ - LoggingRole?: string; + PartnerProfileId?: string; /** - *The name of the CloudWatch logging group for the Amazon Web Services Transfer server to which this workflow belongs.
+ *The landing directory (folder) for files that are transferred by using the AS2 + * protocol.
*/ - LogGroupName?: string; + BaseDirectory?: string; + + /** + *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that grants access to at least the
+ * HomeDirectory of your users' Amazon S3 buckets.
Key-value pairs that can be used to group and search for agreements.
+ */ + Tags?: Tag[]; } -export enum ExecutionErrorType { - ALREADY_EXISTS = "ALREADY_EXISTS", +export interface DescribeAgreementResponse { + /** + *The details for the specified agreement, returned as a DescribedAgreement
+ * object.
An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
+ */ + CertificateId: string | undefined; +} + +/** + *Describes the properties of a certificate.
+ */ +export interface DescribedCertificate { + /** + *The unique Amazon Resource Name (ARN) for the certificate.
+ */ + Arn: string | undefined; + + /** + *An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
+ */ + CertificateId?: string; + + /** + *Specifies whether this certificate is used for signing or encryption.
+ */ + Usage?: CertificateUsageType | string; + + /** + *The certificate can be either ACTIVE, PENDING_ROTATION, or
+ * INACTIVE. PENDING_ROTATION means that this certificate will
+ * replace the current certificate when it expires.
The file name for the certificate.
+ */ + Certificate?: string; + + /** + *The list of certificates that make up the chain for the certificate.
+ */ + CertificateChain?: string; + + /** + *An optional date that specifies when the certificate becomes active.
+ */ + ActiveDate?: Date; + + /** + *An optional date that specifies when the certificate becomes inactive.
+ */ + InactiveDate?: Date; + + /** + *The serial number for the certificate.
+ */ + Serial?: string; + + /** + *The earliest date that the certificate is valid.
+ */ + NotBeforeDate?: Date; + + /** + *The final date that the certificate is + * valid.
+ */ + NotAfterDate?: Date; + + /** + *If a private key has been specified for the certificate, its type is CERTIFICATE_WITH_PRIVATE_KEY. If there is no private key, the type is CERTIFICATE.
The name or description that's used to identity the certificate.
+ */ + Description?: string; + + /** + *Key-value pairs that can be used to group and search for certificates.
+ */ + Tags?: Tag[]; +} + +export interface DescribeCertificateResponse { + /** + *The details for the specified certificate, returned as an object.
+ */ + Certificate: DescribedCertificate | undefined; +} + +export interface DescribeConnectorRequest { + /** + *The unique identifier for the connector.
+ */ + ConnectorId: string | undefined; +} + +/** + *Describes the parameters for the connector, as identified by the
+ * ConnectorId.
The unique Amazon Resource Name (ARN) for the connector.
+ */ + Arn: string | undefined; + + /** + *The unique identifier for the connector.
+ */ + ConnectorId?: string; + + /** + *The URL of the partner's AS2 endpoint.
+ */ + Url?: string; + + /** + *A structure that contains the parameters for a connector object.
+ */ + As2Config?: As2ConnectorConfig; + + /** + *With AS2, you can send files by calling StartFileTransfer and specifying the
+ * file paths in the request parameter, SendFilePaths. We use the file’s parent
+ * directory (for example, for --send-file-paths /bucket/dir/file.txt, parent
+ * directory is /bucket/dir/) to temporarily store a processed AS2 message file,
+ * store the MDN when we receive them from the partner, and write a final JSON file containing
+ * relevant metadata of the transmission. So, the AccessRole needs to provide read
+ * and write access to the parent directory of the file location used in the
+ * StartFileTransfer request. Additionally, you need to provide read and write
+ * access to the parent directory of the files that you intend to send with
+ * StartFileTransfer.
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a connector to turn + * on CloudWatch logging for Amazon S3 events. When set, you can view connector + * activity in your CloudWatch logs.
+ */ + LoggingRole?: string; + + /** + *Key-value pairs that can be used to group and search for connectors.
+ */ + Tags?: Tag[]; +} + +export interface DescribeConnectorResponse { + /** + *The structure that contains the details of the connector.
+ */ + Connector: DescribedConnector | undefined; +} + +/** + *Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using S3 storage.
+ */ +export interface S3FileLocation { + /** + *Specifies the S3 bucket that contains the file being used.
+ */ + Bucket?: string; + + /** + *The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.
+ */ + Key?: string; + + /** + *Specifies the file version.
+ */ + VersionId?: string; + + /** + *The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object, not its metadata.
+ */ + Etag?: string; +} + +/** + *Specifies the Amazon S3 or EFS file details to be used in the step.
+ */ +export interface FileLocation { + /** + *Specifies the S3 details for the file being used, such as bucket, ETag, and so + * forth.
+ */ + S3FileLocation?: S3FileLocation; + + /** + *Specifies the Amazon EFS ID and the path for the file being used.
+ */ + EfsFileLocation?: EfsFileLocation; +} + +/** + *Consists of the logging role and the log group name.
+ */ +export interface LoggingConfiguration { + /** + *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn + * on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in + * your CloudWatch logs.
+ */ + LoggingRole?: string; + + /** + *The name of the CloudWatch logging group for the Transfer Family server to which this workflow belongs.
+ */ + LogGroupName?: string; +} + +export enum ExecutionErrorType { + ALREADY_EXISTS = "ALREADY_EXISTS", BAD_REQUEST = "BAD_REQUEST", CUSTOM_STEP_FAILED = "CUSTOM_STEP_FAILED", INTERNAL_SERVER_ERROR = "INTERNAL_SERVER_ERROR", @@ -1660,19 +2213,19 @@ export interface ExecutionStepResult { *- * COPY: copy the file to another location
+ * COPY: Copy the file to another location. *- * CUSTOM: custom step with a lambda target
+ * CUSTOM: Perform a custom step with an Lambda function target. *- * DELETE: delete the file
+ * DELETE: Delete the file. *- * TAG: add a tag to the file
+ * TAG: Add a tag to the file. *Specifies the details for an error, if it occurred during execution of the specified workfow step.
+ *Specifies the details for an error, if it occurred during execution of the specified + * workflow step.
*/ Error?: ExecutionError; } @@ -1725,7 +2279,7 @@ export interface UserDetails { } /** - *A container object for the session details associated with a workflow.
+ *A container object for the session details that are associated with a workflow.
*/ export interface ServiceMetadata { /** @@ -1758,7 +2312,7 @@ export interface DescribedExecution { InitialFileLocation?: FileLocation; /** - *A container object for the session details associated with a workflow.
+ *A container object for the session details that are associated with a workflow.
*/ ServiceMetadata?: ServiceMetadata; @@ -1794,6 +2348,43 @@ export interface DescribedExecution { Results?: ExecutionResults; } +/** + *The details for a local or partner AS2 profile. + * profile.
+ */ +export interface DescribedProfile { + /** + *The unique Amazon Resource Name (ARN) for the profile.
+ */ + Arn: string | undefined; + + /** + *A unique identifier for the local or partner AS2 profile.
+ */ + ProfileId?: string; + + /** + *Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.
+ * If not supplied in the request, the command lists all types of profiles.
The unique identifier for the AS2 process.
+ */ + As2Id?: string; + + /** + *An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
+ */ + CertificateIds?: string[]; + + /** + *Key-value pairs that can be used to group and search for profiles.
+ */ + Tags?: Tag[]; +} + /** * *Use AWS_DIRECTORY_SERVICE to provide access to
- * Active Directory groups in Amazon Web Services Managed Active Directory or Microsoft Active Directory in your
- * on-premises environment or in Amazon Web Services using AD Connectors. This option also requires you to
- * provide a Directory ID using the IdentityProviderDetails parameter.
IdentityProviderDetails parameter.
* Use the API_GATEWAY value to integrate with an identity provider of your choosing. The
- * API_GATEWAY setting requires you to provide an API Gateway endpoint URL to call
- * for authentication using the IdentityProviderDetails parameter.
Use the AWS_LAMBDA value to directly use a Lambda function as your identity provider. If you choose this value,
- * you must specify the ARN for the lambda function in the Function parameter for the IdentityProviderDetails data type.
API_GATEWAY setting requires you to provide an Amazon API Gateway endpoint URL to call
+ * for authentication by using the IdentityProviderDetails parameter.
+ * Use the AWS_LAMBDA value to directly use an Lambda function as your identity provider.
+ * If you choose this value, you must specify the ARN for the Lambda function in the Function parameter
+ * or the IdentityProviderDetails data type.
Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn - * on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in + *
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn + * on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in * your CloudWatch logs.
*/ LoggingRole?: string; /** - *Specify a string to display when users connect to a server. This string is displayed after the user authenticates.
+ *Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.
*The SFTP protocol does not support post-authentication display banners.
*Specify a string to display when users connect to a server. This string is displayed before the user authenticates. - * For example, the following banner displays details about using the system.
+ *Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. + * For example, the following banner displays details about using the system:
+ * *
* Specifies the condition of a server for the server that was described. A value of
+ * The condition of the server that was described. A value of
* Specifies the workflow ID for the workflow to assign and the execution role used for executing the workflow. Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.This system is for the use of authorized users only. Individuals using this computer system without authority,
* or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by
@@ -1982,7 +2575,7 @@ export interface DescribedServer {
ServerId?: string;
/**
- * ONLINE indicates that the server can accept jobs and transfer files. A
* State value of OFFLINE means that the server cannot perform file
* transfer operations.Entry and Target pair, where Entry shows how the path
* is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you
- * only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity
- * and Access Management (IAM) role provides access to paths in Target. This value
- * can only be set when HomeDirectoryType is set to
+ * only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)
+ * role provides access to paths in Target. This value
+ * can be set only when HomeDirectoryType is set to
* LOGICAL.
In most cases, you can use this value instead of the session policy to lock your user @@ -2073,15 +2666,15 @@ export interface DescribedUser { HomeDirectoryMappings?: HomeDirectoryMapEntry[]; /** - *
The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.
The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.
A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user + *
A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's
* access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},
* ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS - * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring - * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the - * server to access your resources when servicing your users' transfer requests.
+ *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 + * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users + * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust + * relationship that allows the server to access your resources when servicing your users' transfer requests.
*/ Role?: string; @@ -2184,6 +2777,20 @@ export interface DescribeExecutionResponse { Execution: DescribedExecution | undefined; } +export interface DescribeProfileRequest { + /** + *The identifier of the profile that you want described.
+ */ + ProfileId: string | undefined; +} + +export interface DescribeProfileResponse { + /** + *The details of the specified profile, returned as an object.
+ */ + Profile: DescribedProfile | undefined; +} + export interface DescribeSecurityPolicyRequest { /** *Specifies the name of the security policy that is attached to the server.
@@ -2221,7 +2828,7 @@ export interface DescribeUserRequest { /** *The name of the user assigned to one or more servers. User names are part of the sign-in - * credentials to use the Amazon Web Services Transfer Family service and perform file transfer tasks.
+ * credentials to use the Transfer Family service and perform file transfer tasks. */ UserName: string | undefined; } @@ -2253,6 +2860,56 @@ export interface DescribeWorkflowResponse { Workflow: DescribedWorkflow | undefined; } +export interface ImportCertificateRequest { + /** + *Specifies whether this certificate is used for signing or encryption.
+ */ + Usage: CertificateUsageType | string | undefined; + + /** + *The file that contains the certificate to import.
+ */ + Certificate: string | undefined; + + /** + *An optional list of certificates that make up the chain for the certificate that's being + * imported.
+ */ + CertificateChain?: string; + + /** + *The file that contains the private key for the certificate that's being imported.
+ */ + PrivateKey?: string; + + /** + *An optional date that specifies when the certificate becomes active.
+ */ + ActiveDate?: Date; + + /** + *An optional date that specifies when the certificate becomes inactive.
+ */ + InactiveDate?: Date; + + /** + *A short description that helps identify the certificate.
+ */ + Description?: string; + + /** + *Key-value pairs that can be used to group and search for certificates.
+ */ + Tags?: Tag[]; +} + +export interface ImportCertificateResponse { + /** + *An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
+ */ + CertificateId: string | undefined; +} + export interface ImportSshPublicKeyRequest { /** *A system-assigned unique identifier for a server.
@@ -2345,25 +3002,25 @@ export interface ListedAccess { HomeDirectory?: string; /** - *The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.
The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.
Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS - * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring - * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the - * server to access your resources when servicing your users' transfer requests.
+ *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 + * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users + * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust + * relationship that allows the server to access your resources when servicing your users' transfer requests.
*/ Role?: string; /** *A unique identifier that is required to identify specific groups within your directory. * The users of the group that you associate have access to your Amazon S3 or Amazon EFS - * resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, + * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.
* *@@ -2372,7 +3029,7 @@ export interface ListedAccess { * *
In that command, replace YourGroupName with the name of your Active Directory group.
* - *The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. + *
The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-
*/ ExternalId?: string; @@ -2399,85 +3056,311 @@ export interface ListAccessesResponse { Accesses: ListedAccess[] | undefined; } -/** - *Returns properties of the execution that is specified.
- */ -export interface ListedExecution { - /** - *A unique identifier for the execution of a workflow.
- */ - ExecutionId?: string; - +export interface ListAgreementsRequest { /** - *A structure that describes the Amazon S3 or EFS file location. - * This is the file location when the execution begins: if the file is being copied, - * this is the initial (as opposed to destination) file location.
+ *The maximum number of agreements to return.
*/ - InitialFileLocation?: FileLocation; + MaxResults?: number; /** - *A container object for the session details associated with a workflow.
+ *When you can get additional results from the ListAgreements call, a
+ * NextToken parameter is returned in the output. You can then pass in a
+ * subsequent command to the NextToken parameter to continue listing additional
+ * agreements.
The status is one of the execution. Can be in progress, completed, exception encountered, or handling the exception.
+ *The identifier of the server for which you want a list of agreements.
*/ - Status?: ExecutionStatus | string; + ServerId: string | undefined; } /** - *Returns properties of a file transfer protocol-enabled server that was specified.
+ *Describes the properties of an agreement.
*/ -export interface ListedServer { +export interface ListedAgreement { /** - *Specifies the unique Amazon Resource Name (ARN) for a server to be listed.
+ *The Amazon Resource Name (ARN) of the specified agreement.
*/ - Arn: string | undefined; + Arn?: string; /** - *Specifies the domain of the storage system that is used for file transfers.
+ *A unique identifier for the agreement. This identifier is returned when you create an agreement.
*/ - Domain?: Domain | string; + AgreementId?: string; /** - *Specifies the mode of authentication for a server. The default value is
- * SERVICE_MANAGED, which allows you to store and access user credentials within
- * the Amazon Web Services Transfer Family service.
Use AWS_DIRECTORY_SERVICE to provide access to
- * Active Directory groups in Amazon Web Services Managed Active Directory or Microsoft Active Directory in your
- * on-premises environment or in Amazon Web Services using AD Connectors. This option also requires you to
- * provide a Directory ID using the IdentityProviderDetails parameter.
Use the API_GATEWAY value to integrate with an identity provider of your choosing. The
- * API_GATEWAY setting requires you to provide an API Gateway endpoint URL to call
- * for authentication using the IdentityProviderDetails parameter.
Use the AWS_LAMBDA value to directly use a Lambda function as your identity provider. If you choose this value,
- * you must specify the ARN for the lambda function in the Function parameter for the IdentityProviderDetails data type.
The current description for the agreement. You can change it by calling the
+ * UpdateAgreement operation and providing a new description.
Specifies the type of VPC endpoint that your server is connected to. If your server is - * connected to a VPC endpoint, your server isn't accessible over the public internet.
+ *The agreement can be either ACTIVE or INACTIVE.
Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn - * on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in - * your CloudWatch logs.
+ *The unique identifier for the agreement.
*/ - LoggingRole?: string; + ServerId?: string; /** - *Specifies the unique system assigned identifier for the servers that were listed.
+ *A unique identifier for the AS2 process.
*/ - ServerId?: string; + LocalProfileId?: string; /** - *Specifies the condition of a server for the server that was described. A value of
- * ONLINE indicates that the server can accept jobs and transfer files. A
- * State value of OFFLINE means that the server cannot perform file
+ *
A unique identifier for the partner process.
+ */ + PartnerProfileId?: string; +} + +export interface ListAgreementsResponse { + /** + *Returns a token that you can use to call ListAgreements again and receive
+ * additional results, if there are any.
Returns an array, where each item contains the details of an agreement.
+ */ + Agreements: ListedAgreement[] | undefined; +} + +export interface ListCertificatesRequest { + /** + *The maximum number of certificates to return.
+ */ + MaxResults?: number; + + /** + *When you can get additional results from the ListCertificates call, a
+ * NextToken parameter is returned in the output. You can then pass in a
+ * subsequent command to the NextToken parameter to continue listing additional
+ * certificates.
Describes the properties of a certificate.
+ */ +export interface ListedCertificate { + /** + *The Amazon Resource Name (ARN) of the specified certificate.
+ */ + Arn?: string; + + /** + *An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
+ */ + CertificateId?: string; + + /** + *Specifies whether this certificate is used for signing or encryption.
+ */ + Usage?: CertificateUsageType | string; + + /** + *The certificate can be either ACTIVE, PENDING_ROTATION, or
+ * INACTIVE. PENDING_ROTATION means that this certificate will
+ * replace the current certificate when it expires.
An optional date that specifies when the certificate becomes active.
+ */ + ActiveDate?: Date; + + /** + *An optional date that specifies when the certificate becomes inactive.
+ */ + InactiveDate?: Date; + + /** + *The type for the certificate. If a private key has been specified for the certificate, its
+ * type is CERTIFICATE_WITH_PRIVATE_KEY. If there is no private key, the type is
+ * CERTIFICATE.
The name or short description that's used to identify the certificate.
+ */ + Description?: string; +} + +export interface ListCertificatesResponse { + /** + *Returns the next token, which you can use to list the next certificate.
+ */ + NextToken?: string; + + /** + *Returns an array of the certificates that are specified in the
+ * ListCertificates call.
The maximum number of connectors to return.
+ */ + MaxResults?: number; + + /** + *When you can get additional results from the ListConnectors call, a
+ * NextToken parameter is returned in the output. You can then pass in a
+ * subsequent command to the NextToken parameter to continue listing additional
+ * connectors.
Returns details of the connector that is specified.
+ */ +export interface ListedConnector { + /** + *The Amazon Resource Name (ARN) of the specified connector.
+ */ + Arn?: string; + + /** + *The unique identifier for the connector.
+ */ + ConnectorId?: string; + + /** + *The URL of the partner's AS2 endpoint.
+ */ + Url?: string; +} + +export interface ListConnectorsResponse { + /** + *Returns a token that you can use to call ListConnectors again and receive
+ * additional results, if there are any.
Returns an array, where each item contains the details of a connector.
+ */ + Connectors: ListedConnector[] | undefined; +} + +/** + *Returns properties of the execution that is specified.
+ */ +export interface ListedExecution { + /** + *A unique identifier for the execution of a workflow.
+ */ + ExecutionId?: string; + + /** + *A structure that describes the Amazon S3 or EFS file location. + * This is the file location when the execution begins: if the file is being copied, + * this is the initial (as opposed to destination) file location.
+ */ + InitialFileLocation?: FileLocation; + + /** + *A container object for the session details that are associated with a workflow.
+ */ + ServiceMetadata?: ServiceMetadata; + + /** + *The status is one of the execution. Can be in progress, completed, exception encountered, or handling the exception.
+ */ + Status?: ExecutionStatus | string; +} + +/** + *Returns the properties of the profile that was specified.
+ */ +export interface ListedProfile { + /** + *The Amazon Resource Name (ARN) of the specified profile.
+ */ + Arn?: string; + + /** + *A unique identifier for the local or partner AS2 profile.
+ */ + ProfileId?: string; + + /** + *The unique identifier for the AS2 process.
+ */ + As2Id?: string; + + /** + *Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.
+ * If not supplied in the request, the command lists all types of profiles.
Returns properties of a file transfer protocol-enabled server that was specified.
+ */ +export interface ListedServer { + /** + *Specifies the unique Amazon Resource Name (ARN) for a server to be listed.
+ */ + Arn: string | undefined; + + /** + *Specifies the domain of the storage system that is used for file transfers.
+ */ + Domain?: Domain | string; + + /** + *The mode of authentication for a server. The default value is
+ * SERVICE_MANAGED, which allows you to store and access user credentials within
+ * the Transfer Family service.
Use AWS_DIRECTORY_SERVICE to provide access to
+ * Active Directory groups in Directory Service for Microsoft Active Directory or Microsoft Active Directory in your
+ * on-premises environment or in Amazon Web Services using AD Connector. This option also requires you to
+ * provide a Directory ID by using the IdentityProviderDetails parameter.
Use the API_GATEWAY value to integrate with an identity provider of your choosing. The
+ * API_GATEWAY setting requires you to provide an Amazon API Gateway endpoint URL to call
+ * for authentication by using the IdentityProviderDetails parameter.
Use the AWS_LAMBDA value to directly use an Lambda function as your identity provider.
+ * If you choose this value, you must specify the ARN for the Lambda function in the Function parameter
+ * or the IdentityProviderDetails data type.
Specifies the type of VPC endpoint that your server is connected to. If your server is + * connected to a VPC endpoint, your server isn't accessible over the public internet.
+ */ + EndpointType?: EndpointType | string; + + /** + *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn + * on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in + * your CloudWatch logs.
+ */ + LoggingRole?: string; + + /** + *Specifies the unique system assigned identifier for the servers that were listed.
+ */ + ServerId?: string; + + /** + *The condition of the server that was described. A value of
+ * ONLINE indicates that the server can accept jobs and transfer files. A
+ * State value of OFFLINE means that the server cannot perform file
* transfer operations.
The states of STARTING and STOPPING indicate that the server is
@@ -2511,18 +3394,18 @@ export interface ListedUser {
HomeDirectory?: string;
/**
- *
The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.
The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.
Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS - * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring - * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the - * server to access your resources when servicing your users' transfer requests.
+ *The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 + * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users + * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust + * relationship that allows the server to access your resources when servicing your users' transfer requests.
*The IAM role that controls your users' access to your Amazon S3 bucket for servers with Domain=S3, or your EFS file system for servers with Domain=EFS.
@@ -2568,7 +3451,7 @@ export interface ListedWorkflow {
export interface ListExecutionsRequest {
/**
- *
Specifies the aximum number of executions to return.
+ *Specifies the maximum number of executions to return.
*/ MaxResults?: number; @@ -2579,14 +3462,14 @@ export interface ListExecutionsRequest { * continue listing additional executions. *
* This is useful for pagination, for instance.
- * If you have 100 executions for a workflow, you might only want to list first 10. If so, callthe API by specifing the max-results:
+ * If you have 100 executions for a workflow, you might only want to list first 10. If so, call the API by specifying the max-results:
*
* aws transfer list-executions --max-results 10
*
* This returns details for the first 10 executions, as well as the pointer (NextToken) to the eleventh execution.
- * You can now call the API again, suppling the NextToken value you received:
+ * You can now call the API again, supplying the NextToken value you received:
*
* aws transfer list-executions --max-results 10 --next-token $somePointerReturnedFromPreviousListResult
@@ -2646,6 +3529,39 @@ export interface ListExecutionsResponse {
Executions: ListedExecution[] | undefined;
}
+export interface ListProfilesRequest {
+ /**
+ *
The maximum number of profiles to return.
+ */ + MaxResults?: number; + + /** + *When there are additional results that were not returned, a NextToken
+ * parameter is returned. You can use that value for a subsequent call to
+ * ListProfiles to continue listing results.
Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.
+ * If not supplied in the request, the command lists all types of profiles.
Returns a token that you can use to call ListProfiles again and receive
+ * additional results, if there are any.
Returns an array, where each item contains the details of a profile.
+ */ + Profiles: ListedProfile[] | undefined; +} + export interface ListSecurityPoliciesRequest { /** *Specifies the number of security policies to return as a response to the @@ -2844,6 +3760,28 @@ export interface SendWorkflowStepStateRequest { export interface SendWorkflowStepStateResponse {} +export interface StartFileTransferRequest { + /** + *
The unique identifier for the connector.
+ */ + ConnectorId: string | undefined; + + /** + *An array of strings. Each string represents the absolute path for one outbound file transfer. For example,
+ *
+ * DOC-EXAMPLE-BUCKET/myfile.txt
+ * .
Returns the unique identifier for this file transfer.
+ */ + TransferId: string | undefined; +} + export interface StartServerRequest { /** *A system-assigned unique identifier for a server that you start.
@@ -2961,10 +3899,10 @@ export interface UpdateAccessRequest { HomeDirectory?: string; /** - *The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.
The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.
Entry and Target pair, where Entry shows how the path
* is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you
- * only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity
- * and Access Management (IAM) role provides access to paths in Target. This value
- * can only be set when HomeDirectoryType is set to
+ * only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)
+ * role provides access to paths in Target. This value
+ * can be set only when HomeDirectoryType is set to
* LOGICAL.
* The following is an Entry and Target pair example.
@@ -2993,14 +3931,13 @@ export interface UpdateAccessRequest { HomeDirectoryMappings?: HomeDirectoryMapEntry[]; /** - *
A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user + *
A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's
* access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},
* ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
This only applies when the domain of ServerId is S3. EFS does not use session policies.
For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead + *
This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.
For session policies, Transfer Family stores the policy as a JSON blob, instead
* of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass
* it in the Policy argument.
For an example of a session policy, see Example
@@ -3021,10 +3958,10 @@ export interface UpdateAccessRequest {
PosixProfile?: PosixProfile;
/**
- * Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS
- * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring
- * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the
- * server to access your resources when servicing your users' transfer requests. The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3
+ * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users
+ * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust
+ * relationship that allows the server to access your resources when servicing your users' transfer requests. A unique identifier that is required to identify specific groups within your directory.
* The users of the group that you associate have access to your Amazon S3 or Amazon EFS
- * resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name,
+ * resources over the enabled protocols using Transfer Family. If you know the group name,
* you can view the SID values by running the following command using Windows PowerShell.
@@ -3045,7 +3982,7 @@ export interface UpdateAccessRequest {
*
* In that command, replace YourGroupName with the name of your Active Directory group. The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.
+ * The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.
* You can also include underscores or any of the following characters: =,.@:/- A unique identifier for the agreement. This identifier is returned when you create an agreement. A system-assigned unique identifier for a server instance. This is the specific server that the agreement uses. To replace the existing description, provide a short description for the agreement. You can update the status for the agreement, either activating an inactive agreement or
+ * the reverse. To change the local profile identifier, provide a new value
+ * here. To change the partner profile identifier, provide a new value here. To change the landing directory (folder) for files that are transferred, provide the
+ * bucket folder that you want to use; for example,
+ * The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that grants access to at least the
+ * A unique identifier for the agreement. This identifier is returned when you create an agreement. The identifier of the certificate object that you are updating. An optional date that specifies when the certificate becomes active. An optional date that specifies when the certificate becomes inactive. A short description to help identify the certificate. Returns the identifier of the certificate object that you are updating. The unique identifier for the connector. The URL of the partner's AS2 endpoint. A structure that contains the parameters for a connector object. With AS2, you can send files by calling The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a connector to turn
+ * on CloudWatch logging for Amazon S3 events. When set, you can view connector
+ * activity in your CloudWatch logs. Returns the identifier of the connector object that you are updating. The identifier of the profile object that you are updating. An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles. Returns the identifier for the profile that's being updated. The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required
@@ -3112,19 +4197,25 @@ export interface UpdateServerRequest {
*
- * Use the Use the To ignore the error that is generated when the client attempts to use the Use the To determine whether your Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the
+ *
+ * The virtual private cloud (VPC) endpoint settings that are configured for your server.
- * When you host your endpoint within your VPC, you can make it accessible only to resources
- * within your VPC, or you can attach Elastic IP addresses and make it accessible to clients over
+ * When you host your endpoint within your VPC, you can make your endpoint accessible only to resources
+ * within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over
* the internet. Your VPC's default security groups are automatically assigned to your
* endpoint. Use the following command to generate an RSA 2048 bit key with no passphrase:
* Use a minimum value of 2048 for the Use a minimum value of 2048 for the Use the following command to generate an ECDSA 256 bit key with no passphrase:
@@ -3189,8 +4280,7 @@ export interface UpdateServerRequest {
*
*
*
- * For more information, see Change the host key for your SFTP-enabled server in the Amazon Web Services Transfer
- * Family User Guide. For more information, see Change the host key for your SFTP-enabled server in the Transfer Family User Guide. Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn
- * on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in
+ * The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn
+ * on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in
* your CloudWatch logs. Specify a string to display when users connect to a server. This string is displayed after the user authenticates. Specifies a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners. Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
- * For example, the following banner displays details about using the system. Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.
+ * For example, the following banner displays details about using the system:
* Specifies the workflow ID for the workflow to assign and the execution role used for executing the workflow. Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow. To remove an associated workflow from a server, you can provide an empty
* The type of landing directory (folder) you want your users' home directory to be when they log into the server.
- * If you set it to The type of landing directory (folder) that you want your users' home directory to be when they log in to the server.
+ * If you set it to The following is an A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user
+ * A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's
* access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include This only applies when the domain of For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead
+ * This policy applies only when the domain of For session policies, Transfer Family stores the policy as a JSON blob, instead
* of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass
* it in the Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users' access to your Amazon S3 bucket or EFS
- * file system. The policies attached to this role determine the level of access that you want to provide your users when transferring
- * files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the
- * server to access your resources when servicing your users' transfer requests. The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3
+ * bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users
+ * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust
+ * relationship that allows the server to access your resources when servicing your users' transfer requests./DOC-EXAMPLE-BUCKET/home/mydirectory
+ * .HomeDirectory of your users' Amazon S3 buckets.StartFileTransfer and specifying the
+ * file paths in the request parameter, SendFilePaths. We use the file’s parent
+ * directory (for example, for --send-file-paths /bucket/dir/file.txt, parent
+ * directory is /bucket/dir/) to temporarily store a processed AS2 message file,
+ * store the MDN when we receive them from the partner, and write a final JSON file containing
+ * relevant metadata of the transmission. So, the AccessRole needs to provide read
+ * and write access to the parent directory of the file location used in the
+ * StartFileTransfer request. Additionally, you need to provide read and write
+ * access to the parent directory of the files that you intend to send with
+ * StartFileTransfer.
*
*/
@@ -3132,8 +4223,8 @@ export interface UpdateServerRequest {
/**
* PassiveIp parameter to indicate passive mode (for FTP and FTPS protocols).
+ * To indicate passive mode (for FTP and FTPS protocols), use the PassiveIp parameter.
* Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.
* SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.
- * Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client.
- * Note that with SetStatOption set to ENABLE_NO_OP, Transfer generates a log entry to CloudWatch Logs, so you can determine when the client
- * is making a SETSTAT call.SETSTAT command on a file that you are
+ * uploading to an Amazon S3 bucket, use the SetStatOption parameter. To have the Transfer Family server ignore the
+ * SETSTAT command and upload files without needing to make any changes to your SFTP client, set the value to
+ * ENABLE_NO_OP. If you set the SetStatOption parameter to ENABLE_NO_OP, Transfer Family
+ * generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a SETSTAT
+ * call.TlsSessionResumptionMode parameter to determine whether or not your Transfer server
- * resumes recent, negotiated sessions through a unique session ID.TlsSessionResumptionMode parameter.As2Transports indicates the transport method for the AS2 messages. Currently, only HTTP is supported.ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key.-b option: you can create a stronger key using 3072 or 4096.-b option. You can create a stronger key by using 3072 or 4096.This system is for the use of authorized users only. Individuals using this computer system without authority,
* or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by
@@ -3274,7 +4365,7 @@ export interface UpdateServerRequest {
ServerId: string | undefined;
/**
- * OnUpload object, as in the following example.aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{"OnUpload":[]}'
@@ -3299,10 +4390,10 @@ export interface UpdateUserRequest {
HomeDirectory?: string;
/**
- * PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients.
- * If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon
- * S3 or EFS paths visible to your users.PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer
+ * protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for
+ * how you want to make Amazon S3 or Amazon EFS paths visible to your users.Entry and Target pair, where Entry shows how the path
* is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you
- * only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity
- * and Access Management (IAM) role provides access to paths in Target. This value
- * can only be set when HomeDirectoryType is set to
+ * only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)
+ * role provides access to paths in Target. This value
+ * can be set only when HomeDirectoryType is set to
* LOGICAL.Entry and Target pair example.${Transfer:UserName},
* ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.ServerId is S3. EFS does not use session policies.ServerId is Amazon S3. Amazon EFS does not use session policies.Policy argument.