diff --git a/clients/client-transfer/src/Transfer.ts b/clients/client-transfer/src/Transfer.ts index 03144d359a9f4..8c98d842da0f7 100644 --- a/clients/client-transfer/src/Transfer.ts +++ b/clients/client-transfer/src/Transfer.ts @@ -703,7 +703,6 @@ export class Transfer extends TransferClient { /** *

Deletes the file transfer protocol-enabled server that you specify.

- * *

No response returns from this operation.

*/ public deleteServer( @@ -766,9 +765,7 @@ export class Transfer extends TransferClient { /** *

Deletes the user belonging to a file transfer protocol-enabled server you specify.

- * *

No response returns from this operation.

- * * *

When you delete a user from a server, the user's information is lost.

*
@@ -832,7 +829,6 @@ export class Transfer extends TransferClient { *

Describes the access that is assigned to the specific file transfer protocol-enabled * server, as identified by its ServerId property and its * ExternalId.

- * *

The response from this call returns the properties of the access that is associated with * the ServerId value that was specified.

*/ @@ -1096,7 +1092,6 @@ export class Transfer extends TransferClient { /** *

Describes a file transfer protocol-enabled server that you specify by passing the * ServerId parameter.

- * *

The response contains a description of a server's properties. When you set * EndpointType to VPC, the response will contain the * EndpointDetails.

@@ -1133,7 +1128,6 @@ export class Transfer extends TransferClient { /** *

Describes the user assigned to the specific file transfer protocol-enabled server, as * identified by its ServerId property.

- * *

The response from this call returns the properties of the user associated with the * ServerId value that was specified.

*/ @@ -1266,7 +1260,6 @@ export class Transfer extends TransferClient { *

Adds a Secure Shell (SSH) public key to a user account identified by a * UserName value assigned to the specific file transfer protocol-enabled server, * identified by ServerId.

- * *

The response returns the UserName value, the ServerId value, and * the name of the SshPublicKeyId.

*/ @@ -1751,11 +1744,9 @@ export class Transfer extends TransferClient { *

Changes the state of a file transfer protocol-enabled server from OFFLINE to * ONLINE. It has no impact on a server that is already ONLINE. An * ONLINE server can accept and process file transfer jobs.

- * *

The state of STARTING indicates that the server is in an intermediate state, * either not fully able to respond, or not fully online. The values of START_FAILED * can indicate an error condition.

- * *

No response is returned from this call.

*/ public startServer(args: StartServerCommandInput, options?: __HttpHandlerOptions): Promise; @@ -1786,16 +1777,13 @@ export class Transfer extends TransferClient { * OFFLINE. An OFFLINE server cannot accept and process file transfer * jobs. Information tied to your server, such as server and user properties, are not affected by * stopping your server.

- * * *

Stopping the server does not reduce or impact your file transfer protocol endpoint * billing; you must delete the server to stop being billed.

*
- * *

The state of STOPPING indicates that the server is in an intermediate state, * either not fully able to respond, or not fully offline. The values of STOP_FAILED * can indicate an error condition.

- * *

No response is returned from this call.

*/ public stopServer(args: StopServerCommandInput, options?: __HttpHandlerOptions): Promise; @@ -1824,7 +1812,6 @@ export class Transfer extends TransferClient { /** *

Attaches a key-value pair to a resource, as identified by its Amazon Resource Name (ARN). * Resources are users, servers, roles, and other entities.

- * *

There is no response returned from this call.

*/ public tagResource(args: TagResourceCommandInput, options?: __HttpHandlerOptions): Promise; @@ -1923,7 +1910,6 @@ export class Transfer extends TransferClient { /** *

Detaches a key-value pair from a resource, as identified by its Amazon Resource Name * (ARN). Resources are users, servers, roles, and other entities.

- * *

No response is returned from this call.

*/ public untagResource( @@ -2155,7 +2141,6 @@ export class Transfer extends TransferClient { /** *

Updates the file transfer protocol-enabled server's properties after that server has * been created.

- * *

The UpdateServer call returns the ServerId of the server you * updated.

*/ @@ -2189,7 +2174,6 @@ export class Transfer extends TransferClient { *

Assigns new properties to a user. Parameters you pass modify any or all of the following: * the home directory, role, and policy for the UserName and ServerId * you specify.

- * *

The response returns the ServerId and the UserName for the * updated user.

*/ diff --git a/clients/client-transfer/src/commands/DeleteServerCommand.ts b/clients/client-transfer/src/commands/DeleteServerCommand.ts index 6ab976e252a94..d614b55a78e59 100644 --- a/clients/client-transfer/src/commands/DeleteServerCommand.ts +++ b/clients/client-transfer/src/commands/DeleteServerCommand.ts @@ -25,7 +25,6 @@ export interface DeleteServerCommandOutput extends __MetadataBearer {} /** *

Deletes the file transfer protocol-enabled server that you specify.

- * *

No response returns from this operation.

* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-transfer/src/commands/DeleteUserCommand.ts b/clients/client-transfer/src/commands/DeleteUserCommand.ts index 98422e3c79f8f..99f6a522cbc9e 100644 --- a/clients/client-transfer/src/commands/DeleteUserCommand.ts +++ b/clients/client-transfer/src/commands/DeleteUserCommand.ts @@ -25,9 +25,7 @@ export interface DeleteUserCommandOutput extends __MetadataBearer {} /** *

Deletes the user belonging to a file transfer protocol-enabled server you specify.

- * *

No response returns from this operation.

- * * *

When you delete a user from a server, the user's information is lost.

*
diff --git a/clients/client-transfer/src/commands/DescribeAccessCommand.ts b/clients/client-transfer/src/commands/DescribeAccessCommand.ts index 0ae72580c1dbc..4917988fdcecc 100644 --- a/clients/client-transfer/src/commands/DescribeAccessCommand.ts +++ b/clients/client-transfer/src/commands/DescribeAccessCommand.ts @@ -32,7 +32,6 @@ export interface DescribeAccessCommandOutput extends DescribeAccessResponse, __M *

Describes the access that is assigned to the specific file transfer protocol-enabled * server, as identified by its ServerId property and its * ExternalId.

- * *

The response from this call returns the properties of the access that is associated with * the ServerId value that was specified.

* @example diff --git a/clients/client-transfer/src/commands/DescribeServerCommand.ts b/clients/client-transfer/src/commands/DescribeServerCommand.ts index 35dfddebe5188..dd3b36be4158e 100644 --- a/clients/client-transfer/src/commands/DescribeServerCommand.ts +++ b/clients/client-transfer/src/commands/DescribeServerCommand.ts @@ -31,7 +31,6 @@ export interface DescribeServerCommandOutput extends DescribeServerResponse, __M /** *

Describes a file transfer protocol-enabled server that you specify by passing the * ServerId parameter.

- * *

The response contains a description of a server's properties. When you set * EndpointType to VPC, the response will contain the * EndpointDetails.

diff --git a/clients/client-transfer/src/commands/DescribeUserCommand.ts b/clients/client-transfer/src/commands/DescribeUserCommand.ts index 5851e9c022500..a02607644a2c1 100644 --- a/clients/client-transfer/src/commands/DescribeUserCommand.ts +++ b/clients/client-transfer/src/commands/DescribeUserCommand.ts @@ -31,7 +31,6 @@ export interface DescribeUserCommandOutput extends DescribeUserResponse, __Metad /** *

Describes the user assigned to the specific file transfer protocol-enabled server, as * identified by its ServerId property.

- * *

The response from this call returns the properties of the user associated with the * ServerId value that was specified.

* @example diff --git a/clients/client-transfer/src/commands/ImportSshPublicKeyCommand.ts b/clients/client-transfer/src/commands/ImportSshPublicKeyCommand.ts index 53fdbcc5f156a..731ea6ee40818 100644 --- a/clients/client-transfer/src/commands/ImportSshPublicKeyCommand.ts +++ b/clients/client-transfer/src/commands/ImportSshPublicKeyCommand.ts @@ -32,7 +32,6 @@ export interface ImportSshPublicKeyCommandOutput extends ImportSshPublicKeyRespo *

Adds a Secure Shell (SSH) public key to a user account identified by a * UserName value assigned to the specific file transfer protocol-enabled server, * identified by ServerId.

- * *

The response returns the UserName value, the ServerId value, and * the name of the SshPublicKeyId.

* @example diff --git a/clients/client-transfer/src/commands/StartServerCommand.ts b/clients/client-transfer/src/commands/StartServerCommand.ts index eb43343f6408c..b29c3bd5d67cb 100644 --- a/clients/client-transfer/src/commands/StartServerCommand.ts +++ b/clients/client-transfer/src/commands/StartServerCommand.ts @@ -27,11 +27,9 @@ export interface StartServerCommandOutput extends __MetadataBearer {} *

Changes the state of a file transfer protocol-enabled server from OFFLINE to * ONLINE. It has no impact on a server that is already ONLINE. An * ONLINE server can accept and process file transfer jobs.

- * *

The state of STARTING indicates that the server is in an intermediate state, * either not fully able to respond, or not fully online. The values of START_FAILED * can indicate an error condition.

- * *

No response is returned from this call.

* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-transfer/src/commands/StopServerCommand.ts b/clients/client-transfer/src/commands/StopServerCommand.ts index 9852c4502b8a6..5893a6b24413e 100644 --- a/clients/client-transfer/src/commands/StopServerCommand.ts +++ b/clients/client-transfer/src/commands/StopServerCommand.ts @@ -28,16 +28,13 @@ export interface StopServerCommandOutput extends __MetadataBearer {} * OFFLINE. An OFFLINE server cannot accept and process file transfer * jobs. Information tied to your server, such as server and user properties, are not affected by * stopping your server.

- * * *

Stopping the server does not reduce or impact your file transfer protocol endpoint * billing; you must delete the server to stop being billed.

*
- * *

The state of STOPPING indicates that the server is in an intermediate state, * either not fully able to respond, or not fully offline. The values of STOP_FAILED * can indicate an error condition.

- * *

No response is returned from this call.

* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-transfer/src/commands/TagResourceCommand.ts b/clients/client-transfer/src/commands/TagResourceCommand.ts index 14372b4ff42f8..e7a0621c0859b 100644 --- a/clients/client-transfer/src/commands/TagResourceCommand.ts +++ b/clients/client-transfer/src/commands/TagResourceCommand.ts @@ -26,7 +26,6 @@ export interface TagResourceCommandOutput extends __MetadataBearer {} /** *

Attaches a key-value pair to a resource, as identified by its Amazon Resource Name (ARN). * Resources are users, servers, roles, and other entities.

- * *

There is no response returned from this call.

* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-transfer/src/commands/UntagResourceCommand.ts b/clients/client-transfer/src/commands/UntagResourceCommand.ts index 56f481836a10e..0183b554117c2 100644 --- a/clients/client-transfer/src/commands/UntagResourceCommand.ts +++ b/clients/client-transfer/src/commands/UntagResourceCommand.ts @@ -26,7 +26,6 @@ export interface UntagResourceCommandOutput extends __MetadataBearer {} /** *

Detaches a key-value pair from a resource, as identified by its Amazon Resource Name * (ARN). Resources are users, servers, roles, and other entities.

- * *

No response is returned from this call.

* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-transfer/src/commands/UpdateServerCommand.ts b/clients/client-transfer/src/commands/UpdateServerCommand.ts index e345bded00699..b86e4ffce31b0 100644 --- a/clients/client-transfer/src/commands/UpdateServerCommand.ts +++ b/clients/client-transfer/src/commands/UpdateServerCommand.ts @@ -31,7 +31,6 @@ export interface UpdateServerCommandOutput extends UpdateServerResponse, __Metad /** *

Updates the file transfer protocol-enabled server's properties after that server has * been created.

- * *

The UpdateServer call returns the ServerId of the server you * updated.

* @example diff --git a/clients/client-transfer/src/commands/UpdateUserCommand.ts b/clients/client-transfer/src/commands/UpdateUserCommand.ts index d9d88a649712f..83c24c3d1dc31 100644 --- a/clients/client-transfer/src/commands/UpdateUserCommand.ts +++ b/clients/client-transfer/src/commands/UpdateUserCommand.ts @@ -32,7 +32,6 @@ export interface UpdateUserCommandOutput extends UpdateUserResponse, __MetadataB *

Assigns new properties to a user. Parameters you pass modify any or all of the following: * the home directory, role, and policy for the UserName and ServerId * you specify.

- * *

The response returns the ServerId and the UserName for the * updated user.

* @example diff --git a/clients/client-transfer/src/endpoint/ruleset.ts b/clients/client-transfer/src/endpoint/ruleset.ts index cffa0438c1ad0..dd5c5f45eabe2 100644 --- a/clients/client-transfer/src/endpoint/ruleset.ts +++ b/clients/client-transfer/src/endpoint/ruleset.ts @@ -6,9 +6,9 @@ import { RuleSetObject } from "@aws-sdk/util-endpoints"; or see "smithy.rules#endpointRuleSet" in codegen/sdk-codegen/aws-models/transfer.json */ -const r="fn", -s="argv", -t="ref"; +const q="fn", +r="argv", +s="ref"; const a=true, b=false, c="String", @@ -17,14 +17,13 @@ e="tree", f="error", g="endpoint", h={"required":true,"default":false,"type":"Boolean"}, -i={[t]:"Endpoint"}, -j={[r]:"booleanEquals",[s]:[{[t]:"UseFIPS"},true]}, -k={[r]:"booleanEquals",[s]:[{[t]:"UseDualStack"},true]}, +i={[s]:"Endpoint"}, +j={[q]:"booleanEquals",[r]:[{[s]:"UseFIPS"},true]}, +k={[q]:"booleanEquals",[r]:[{[s]:"UseDualStack"},true]}, l={}, -m={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:d},"supportsFIPS"]}]}, -n={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:d},"supportsDualStack"]}]}, -o=[i], -p=[j], -q=[k]; -const _data={version:"1.0",parameters:{Region:{required:a,type:c},UseDualStack:h,UseFIPS:h,Endpoint:{required:b,type:c}},rules:[{conditions:[{[r]:"aws.partition",[s]:[{[t]:"Region"}],assign:d}],type:e,rules:[{conditions:[{[r]:"isSet",[s]:o},{[r]:"parseURL",[s]:o,assign:"url"}],type:e,rules:[{conditions:p,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:f},{type:e,rules:[{conditions:q,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:f},{endpoint:{url:i,properties:l,headers:l},type:g}]}]},{conditions:[j,k],type:e,rules:[{conditions:[m,n],type:e,rules:[{endpoint:{url:"https://transfer-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:f}]},{conditions:p,type:e,rules:[{conditions:[m],type:e,rules:[{type:e,rules:[{endpoint:{url:"https://transfer-fips.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:f}]},{conditions:q,type:e,rules:[{conditions:[n],type:e,rules:[{endpoint:{url:"https://transfer.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"DualStack is enabled but this partition does not support DualStack",type:f}]},{endpoint:{url:"https://transfer.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]}; +m={[q]:"booleanEquals",[r]:[true,{[q]:"getAttr",[r]:[{[s]:d},"supportsFIPS"]}]}, +n={[q]:"booleanEquals",[r]:[true,{[q]:"getAttr",[r]:[{[s]:d},"supportsDualStack"]}]}, +o=[j], +p=[k]; +const _data={version:"1.0",parameters:{Region:{required:a,type:c},UseDualStack:h,UseFIPS:h,Endpoint:{required:b,type:c}},rules:[{conditions:[{[q]:"aws.partition",[r]:[{[s]:"Region"}],assign:d}],type:e,rules:[{conditions:[{[q]:"isSet",[r]:[i]}],type:e,rules:[{conditions:o,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:f},{type:e,rules:[{conditions:p,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:f},{endpoint:{url:i,properties:l,headers:l},type:g}]}]},{conditions:[j,k],type:e,rules:[{conditions:[m,n],type:e,rules:[{endpoint:{url:"https://transfer-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:f}]},{conditions:o,type:e,rules:[{conditions:[m],type:e,rules:[{type:e,rules:[{endpoint:{url:"https://transfer-fips.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:f}]},{conditions:p,type:e,rules:[{conditions:[n],type:e,rules:[{endpoint:{url:"https://transfer.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"DualStack is enabled but this partition does not support DualStack",type:f}]},{endpoint:{url:"https://transfer.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]}; export const ruleSet: RuleSetObject = _data; diff --git a/clients/client-transfer/src/models/models_0.ts b/clients/client-transfer/src/models/models_0.ts index 45fdc3828487f..ad367adcaac1d 100644 --- a/clients/client-transfer/src/models/models_0.ts +++ b/clients/client-transfer/src/models/models_0.ts @@ -169,7 +169,6 @@ export class ConflictException extends __BaseException { /** *

Reserved for future use.

*

- * *

*/ export interface EfsFileLocation { @@ -360,7 +359,6 @@ export interface CreateAccessRequest { *

A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's * access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, * ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

- * * *

This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

*

For session policies, Transfer Family stores the policy as a JSON blob, instead @@ -401,13 +399,10 @@ export interface CreateAccessRequest { * The users of the group that you associate have access to your Amazon S3 or Amazon EFS * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.

- * *

* Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid *

- * *

In that command, replace YourGroupName with the name of your Active Directory group.

- * *

The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-

*/ @@ -624,6 +619,27 @@ export interface CreateAgreementResponse { AgreementId: string | undefined; } +/** + *

The request was denied due to request throttling.

+ */ +export class ThrottlingException extends __BaseException { + readonly name: "ThrottlingException" = "ThrottlingException"; + readonly $fault: "client" = "client"; + RetryAfterSeconds?: string; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "ThrottlingException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, ThrottlingException.prototype); + this.RetryAfterSeconds = opts.RetryAfterSeconds; + } +} + export interface CreateConnectorRequest { /** *

The URL of the partner's AS2 endpoint.

@@ -732,7 +748,6 @@ export enum Domain { * EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021, * you will not be affected. After this date, use * EndpointType=VPC.

- * *

For more information, see * https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

*
@@ -741,9 +756,7 @@ export interface EndpointDetails { /** *

A list of address allocation IDs that are required to attach an Elastic IP address to your * server's endpoint.

- * * - * *

This property can only be set when EndpointType is set to VPC * and it is only valid in the UpdateServer API.

*
@@ -752,7 +765,6 @@ export interface EndpointDetails { /** *

A list of subnet IDs that are required to host your server endpoint in your VPC.

- * * *

This property can only be set when EndpointType is set to * VPC.

@@ -762,11 +774,9 @@ export interface EndpointDetails { /** *

The identifier of the VPC endpoint.

- * * *

This property can only be set when EndpointType is set to * VPC_ENDPOINT.

- * *

For more information, see * https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

*
@@ -775,7 +785,6 @@ export interface EndpointDetails { /** *

The VPC identifier of the VPC in which a server's endpoint will be hosted.

- * * *

This property can only be set when EndpointType is set to * VPC.

@@ -786,11 +795,9 @@ export interface EndpointDetails { /** *

A list of security groups IDs that are available to attach to your server's * endpoint.

- * * *

This property can only be set when EndpointType is set to * VPC.

- * *

You can edit the SecurityGroupIds property in the UpdateServer API only if you are changing the EndpointType from * PUBLIC or VPC_ENDPOINT to VPC. To change security * groups associated with your server's VPC endpoint after creation, use the Amazon EC2 @@ -876,7 +883,6 @@ export interface ProtocolDetails { *

* Special values *

- * *

The AUTO and 0.0.0.0 are special values for the PassiveIp parameter. The value PassiveIp=AUTO * is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. * PassiveIp=0.0.0.0 has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, @@ -990,20 +996,15 @@ export interface CreateServerRequest { /** *

The Amazon Resource Name (ARN) of the Certificate Manager (ACM) certificate. Required * when Protocols is set to FTPS.

- * *

To request a new public certificate, see Request a public certificate * in the Certificate Manager User Guide.

- * *

To import an existing certificate into ACM, see Importing certificates into ACM * in the Certificate Manager User Guide.

- * *

To request a private certificate to use FTPS through private IP addresses, see Request a * private certificate in the Certificate Manager User * Guide.

- * *

Certificates with the following cryptographic algorithms and key sizes are * supported:

- * *
    *
  • *

    2048-bit RSA (RSA_2048)

    @@ -1021,7 +1022,6 @@ export interface CreateServerRequest { *

    Elliptic Prime Curve 521 bit (EC_secp521r1)

    *
  • *
- * * *

The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP * address specified and information about the issuer.

@@ -1033,7 +1033,6 @@ export interface CreateServerRequest { *

The domain of the storage system that is used for file transfers. There are two domains * available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The * default value is S3.

- * * *

After the server is created, the domain cannot be changed.

*
@@ -1060,7 +1059,6 @@ export interface CreateServerRequest { * EndpointType=VPC_ENDPOINT in your Amazon Web Services account on or before May 19, 2021, * you will not be affected. After this date, use * EndpointType=VPC.

- * *

For more information, see * https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

*

It is recommended that you use VPC as the EndpointType. With @@ -1075,31 +1073,23 @@ export interface CreateServerRequest { /** *

The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want * to rotate keys, or have a set of active keys that use different algorithms.

- * *

Use the following command to generate an RSA 2048 bit key with no passphrase:

*

* ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key.

*

Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.

- * *

Use the following command to generate an ECDSA 256 bit key with no passphrase:

*

* ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key.

*

Valid values for the -b option for ECDSA are 256, 384, and 521.

- * *

Use the following command to generate an ED25519 key with no passphrase:

*

* ssh-keygen -t ed25519 -N "" -f my-new-server-key.

- * *

For all of these commands, you can replace my-new-server-key with a string of your choice.

- * * *

If you aren't planning to migrate existing users from an existing SFTP-enabled * server to a new server, don't update the host key. Accidentally changing a * server's host key can be disruptive.

*
- * - * - * *

For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.

*/ HostKey?: string; @@ -1148,7 +1138,6 @@ export interface CreateServerRequest { /** *

Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. * For example, the following banner displays details about using the system:

- * *

* This system is for the use of authorized users only. Individuals using this computer system without authority, * or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by @@ -1180,7 +1169,6 @@ export interface CreateServerRequest { * AS2 (Applicability Statement 2): used for transporting structured business-to-business data

* * - * * *
    *
  • @@ -1266,27 +1254,6 @@ export interface CreateServerResponse { ServerId: string | undefined; } -/** - *

    The request was denied due to request throttling.

    - */ -export class ThrottlingException extends __BaseException { - readonly name: "ThrottlingException" = "ThrottlingException"; - readonly $fault: "client" = "client"; - RetryAfterSeconds?: string; - /** - * @internal - */ - constructor(opts: __ExceptionOptionType) { - super({ - name: "ThrottlingException", - $fault: "client", - ...opts, - }); - Object.setPrototypeOf(this, ThrottlingException.prototype); - this.RetryAfterSeconds = opts.RetryAfterSeconds; - } -} - export interface CreateUserRequest { /** *

    The landing directory (folder) for a user when they log in to the server using the client.

    @@ -1311,14 +1278,11 @@ export interface CreateUserRequest { * role provides access to paths in Target. This value * can be set only when HomeDirectoryType is set to * LOGICAL.

    - * *

    The following is an Entry and Target pair example.

    - * *

    * [ { "Entry": "/directory1", "Target": * "/bucket_name/home/mydirectory" } ] *

    - * *

    In most cases, you can use this value instead of the session policy to lock your user * down to the designated home directory ("chroot"). To do this, you can set * Entry to / and set Target to the HomeDirectory @@ -1334,20 +1298,13 @@ export interface CreateUserRequest { *

    A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's * access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, * ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

    - * * *

    This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

    *

    For session policies, Transfer Family stores the policy as a JSON blob, instead * of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass * it in the Policy argument.

    - * - * - * *

    For an example of a session policy, see Example session * policy.

    - * - * - * *

    For more information, see AssumeRole in the Amazon Web Services * Security Token Service API Reference.

    *
    @@ -1693,13 +1650,10 @@ export interface DeleteAccessRequest { * The users of the group that you associate have access to your Amazon S3 or Amazon EFS * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.

    - * *

    * Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid *

    - * *

    In that command, replace YourGroupName with the name of your Active Directory group.

    - * *

    The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-

    */ @@ -1807,13 +1761,10 @@ export interface DescribeAccessRequest { * The users of the group that you associate have access to your Amazon S3 or Amazon EFS * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.

    - * *

    * Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid *

    - * *

    In that command, replace YourGroupName with the name of your Active Directory group.

    - * *

    The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-

    */ @@ -1839,7 +1790,6 @@ export interface DescribedAccess { * role provides access to paths in Target. This value * can be set only when HomeDirectoryType is set to * LOGICAL.

    - * *

    In most cases, you can use this value instead of the session policy to lock down the * associated access to the designated home directory ("chroot"). To do this, you * can set Entry to '/' and set Target to the @@ -1884,13 +1834,10 @@ export interface DescribedAccess { * The users of the group that you associate have access to your Amazon S3 or Amazon EFS * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.

    - * *

    * Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid *

    - * *

    In that command, replace YourGroupName with the name of your Active Directory group.

    - * *

    The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-

    */ @@ -2696,7 +2643,6 @@ export interface DescribedServer { /** *

    Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. * For example, the following banner displays details about using the system:

    - * *

    * This system is for the use of authorized users only. Individuals using this computer system without authority, * or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by @@ -2728,7 +2674,6 @@ export interface DescribedServer { * AS2 (Applicability Statement 2): used for transporting structured business-to-business data

    *
  • *
- * * *
    *
  • @@ -2774,7 +2719,6 @@ export interface DescribedServer { * ONLINE indicates that the server can accept jobs and transfer files. A * State value of OFFLINE means that the server cannot perform file * transfer operations.

    - * *

    The states of STARTING and STOPPING indicate that the server is * in an intermediate state, either not fully able to respond, or not fully offline. The values * of START_FAILED or STOP_FAILED can indicate an error @@ -2855,7 +2799,6 @@ export interface DescribedUser { * role provides access to paths in Target. This value * can be set only when HomeDirectoryType is set to * LOGICAL.

    - * *

    In most cases, you can use this value instead of the session policy to lock your user * down to the designated home directory ("chroot"). To do this, you can set * Entry to '/' and set Target to the HomeDirectory @@ -3274,13 +3217,10 @@ export interface ListedAccess { * The users of the group that you associate have access to your Amazon S3 or Amazon EFS * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.

    - * *

    * Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid *

    - * *

    In that command, replace YourGroupName with the name of your Active Directory group.

    - * *

    The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-

    */ @@ -3680,7 +3620,6 @@ export interface ListedServer { * ONLINE indicates that the server can accept jobs and transfer files. A * State value of OFFLINE means that the server cannot perform file * transfer operations.

    - * *

    The states of STARTING and STOPPING indicate that the server is * in an intermediate state, either not fully able to respond, or not fully offline. The values * of START_FAILED or STOP_FAILED can indicate an error @@ -3725,12 +3664,10 @@ export interface ListedUser { * when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust * relationship that allows the server to access your resources when servicing your users' transfer requests.

    * - * *

    The IAM role that controls your users' access to your Amazon S3 bucket for servers with Domain=S3, or your EFS file system for servers with Domain=EFS. *

    *

    The policies attached to this role determine the level of access you want to provide your users when * transferring files into and out of your S3 buckets or EFS file systems.

    - * *
    */ Role?: string; @@ -4175,9 +4112,7 @@ export interface TestIdentityProviderRequest { /** *

    The type of file transfer protocol to be tested.

    - * *

    The available protocols are:

    - * *
      *
    • *

      Secure Shell (SSH) File Transfer Protocol (SFTP)

      @@ -4290,7 +4225,6 @@ export interface UpdateAccessRequest { *

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's * access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, * ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      - * * *

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      *

      For session policies, Transfer Family stores the policy as a JSON blob, instead @@ -4331,13 +4265,10 @@ export interface UpdateAccessRequest { * The users of the group that you associate have access to your Amazon S3 or Amazon EFS * resources over the enabled protocols using Transfer Family. If you know the group name, * you can view the SID values by running the following command using Windows PowerShell.

      - * *

      * Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid *

      - * *

      In that command, replace YourGroupName with the name of your Active Directory group.

      - * *

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. * You can also include underscores or any of the following characters: =,.@:/-

      */ @@ -4548,20 +4479,15 @@ export interface UpdateServerRequest { /** *

      The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required * when Protocols is set to FTPS.

      - * *

      To request a new public certificate, see Request a public certificate * in the Amazon Web ServicesCertificate Manager User Guide.

      - * *

      To import an existing certificate into ACM, see Importing certificates into ACM * in the Amazon Web ServicesCertificate Manager User Guide.

      - * *

      To request a private certificate to use FTPS through private IP addresses, see Request a * private certificate in the Amazon Web ServicesCertificate Manager User * Guide.

      - * *

      Certificates with the following cryptographic algorithms and key sizes are * supported:

      - * *
        *
      • *

        2048-bit RSA (RSA_2048)

        @@ -4579,7 +4505,6 @@ export interface UpdateServerRequest { *

        Elliptic Prime Curve 521 bit (EC_secp521r1)

        *
      • *
      - * * *

      The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP * address specified and information about the issuer.

      @@ -4636,7 +4561,6 @@ export interface UpdateServerRequest { * EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021, * you will not be affected. After this date, use * EndpointType=VPC.

      - * *

      For more information, see * https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      *

      It is recommended that you use VPC as the EndpointType. With @@ -4651,31 +4575,23 @@ export interface UpdateServerRequest { /** *

      The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want * to rotate keys, or have a set of active keys that use different algorithms.

      - * *

      Use the following command to generate an RSA 2048 bit key with no passphrase:

      *

      * ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key.

      *

      Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.

      - * *

      Use the following command to generate an ECDSA 256 bit key with no passphrase:

      *

      * ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key.

      *

      Valid values for the -b option for ECDSA are 256, 384, and 521.

      - * *

      Use the following command to generate an ED25519 key with no passphrase:

      *

      * ssh-keygen -t ed25519 -N "" -f my-new-server-key.

      - * *

      For all of these commands, you can replace my-new-server-key with a string of your choice.

      - * * *

      If you aren't planning to migrate existing users from an existing SFTP-enabled * server to a new server, don't update the host key. Accidentally changing a * server's host key can be disruptive.

      *
      - * - * - * *

      For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.

      */ HostKey?: string; @@ -4704,7 +4620,6 @@ export interface UpdateServerRequest { /** *

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. * For example, the following banner displays details about using the system:

      - * *

      * This system is for the use of authorized users only. Individuals using this computer system without authority, * or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by @@ -4736,7 +4651,6 @@ export interface UpdateServerRequest { * AS2 (Applicability Statement 2): used for transporting structured business-to-business data

      *
    • *
    - * * *
      *
    • @@ -4823,17 +4737,14 @@ export interface UpdateUserRequest { * role provides access to paths in Target. This value * can be set only when HomeDirectoryType is set to * LOGICAL.

      - * *

      The following is an Entry and Target pair example.

      *

      * [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ] *

      - * *

      In most cases, you can use this value instead of the session policy to lock down your * user to the designated home directory ("chroot"). To do this, you can set * Entry to '/' and set Target to the HomeDirectory * parameter value.

      - * *

      The following is an Entry and Target pair example for chroot.

      *

      * [ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ] @@ -4845,20 +4756,13 @@ export interface UpdateUserRequest { *

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's * access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, * ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      - * * *

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      *

      For session policies, Transfer Family stores the policy as a JSON blob, instead * of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass * it in the Policy argument.

      - * - * - * *

      For an example of a session policy, see Creating a session * policy.

      - * - * - * *

      For more information, see AssumeRole in the Amazon Web Services * Security Token Service API Reference.

      *
      diff --git a/clients/client-transfer/src/protocols/Aws_json1_1.ts b/clients/client-transfer/src/protocols/Aws_json1_1.ts index be92fb3a2812c..a9dd9e06420d2 100644 --- a/clients/client-transfer/src/protocols/Aws_json1_1.ts +++ b/clients/client-transfer/src/protocols/Aws_json1_1.ts @@ -1109,6 +1109,9 @@ const deserializeAws_json1_1CreateAgreementCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -1162,6 +1165,9 @@ const deserializeAws_json1_1CreateConnectorCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -1212,6 +1218,9 @@ const deserializeAws_json1_1CreateProfileCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -3604,6 +3613,9 @@ const deserializeAws_json1_1UpdateAccessCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -3657,6 +3669,9 @@ const deserializeAws_json1_1UpdateAgreementCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -3707,6 +3722,9 @@ const deserializeAws_json1_1UpdateCertificateCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -3760,6 +3778,9 @@ const deserializeAws_json1_1UpdateConnectorCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -3863,6 +3884,9 @@ const deserializeAws_json1_1UpdateProfileCommandError = async ( case "ServiceUnavailableException": case "com.amazonaws.transfer#ServiceUnavailableException": throw await deserializeAws_json1_1ServiceUnavailableExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.transfer#ThrottlingException": + throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ diff --git a/codegen/sdk-codegen/aws-models/transfer.json b/codegen/sdk-codegen/aws-models/transfer.json index 756f87425188a..3a24b5d728bfc 100644 --- a/codegen/sdk-codegen/aws-models/transfer.json +++ b/codegen/sdk-codegen/aws-models/transfer.json @@ -436,7 +436,7 @@ "Policy": { "target": "com.amazonaws.transfer#Policy", "traits": { - "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n

      For an example of a session policy, see Example\n session policy.

      \n

      For more information, see AssumeRole in the Security Token Service API\n Reference.

      \n
      " + "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n

      For an example of a session policy, see Example\n session policy.

      \n

      For more information, see AssumeRole in the Security Token Service API\n Reference.

      \n
      " } }, "PosixProfile": { @@ -459,7 +459,7 @@ "ExternalId": { "target": "com.amazonaws.transfer#ExternalId", "traits": { - "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n\n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n\n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", + "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", "smithy.api#required": {} } } @@ -507,6 +507,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -606,6 +609,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -682,6 +688,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -772,13 +781,13 @@ "Certificate": { "target": "com.amazonaws.transfer#Certificate", "traits": { - "smithy.api#documentation": "

      The Amazon Resource Name (ARN) of the Certificate Manager (ACM) certificate. Required\n when Protocols is set to FTPS.

      \n\n

      To request a new public certificate, see Request a public certificate\n in the Certificate Manager User Guide.

      \n\n

      To import an existing certificate into ACM, see Importing certificates into ACM\n in the Certificate Manager User Guide.

      \n\n

      To request a private certificate to use FTPS through private IP addresses, see Request a\n private certificate in the Certificate Manager User\n Guide.

      \n\n

      Certificates with the following cryptographic algorithms and key sizes are\n supported:

      \n\n
        \n
      • \n

        2048-bit RSA (RSA_2048)

        \n
      • \n
      • \n

        4096-bit RSA (RSA_4096)

        \n
      • \n
      • \n

        Elliptic Prime Curve 256 bit (EC_prime256v1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 384 bit (EC_secp384r1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 521 bit (EC_secp521r1)

        \n
      • \n
      \n\n \n

      The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP\n address specified and information about the issuer.

      \n
      " + "smithy.api#documentation": "

      The Amazon Resource Name (ARN) of the Certificate Manager (ACM) certificate. Required\n when Protocols is set to FTPS.

      \n

      To request a new public certificate, see Request a public certificate\n in the Certificate Manager User Guide.

      \n

      To import an existing certificate into ACM, see Importing certificates into ACM\n in the Certificate Manager User Guide.

      \n

      To request a private certificate to use FTPS through private IP addresses, see Request a\n private certificate in the Certificate Manager User\n Guide.

      \n

      Certificates with the following cryptographic algorithms and key sizes are\n supported:

      \n
        \n
      • \n

        2048-bit RSA (RSA_2048)

        \n
      • \n
      • \n

        4096-bit RSA (RSA_4096)

        \n
      • \n
      • \n

        Elliptic Prime Curve 256 bit (EC_prime256v1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 384 bit (EC_secp384r1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 521 bit (EC_secp521r1)

        \n
      • \n
      \n \n

      The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP\n address specified and information about the issuer.

      \n
      " } }, "Domain": { "target": "com.amazonaws.transfer#Domain", "traits": { - "smithy.api#documentation": "

      The domain of the storage system that is used for file transfers. There are two domains\n available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The\n default value is S3.

      \n\n \n

      After the server is created, the domain cannot be changed.

      \n
      " + "smithy.api#documentation": "

      The domain of the storage system that is used for file transfers. There are two domains\n available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The\n default value is S3.

      \n \n

      After the server is created, the domain cannot be changed.

      \n
      " } }, "EndpointDetails": { @@ -790,13 +799,13 @@ "EndpointType": { "target": "com.amazonaws.transfer#EndpointType", "traits": { - "smithy.api#documentation": "

      The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC)\n or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and \n resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.

      \n \n

      After May 19, 2021, you won't be able to create a server using\n EndpointType=VPC_ENDPOINT in your Amazon Web Services account if your account hasn't already\n done so before May 19, 2021. If you have already created servers with\n EndpointType=VPC_ENDPOINT in your Amazon Web Services account on or before May 19, 2021,\n you will not be affected. After this date, use\n EndpointType=VPC.

      \n \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n

      It is recommended that you use VPC as the EndpointType. With\n this endpoint type, you have the option to directly associate up to three Elastic IPv4\n addresses (BYO IP included) with your server's endpoint and use VPC security groups to\n restrict traffic by the client's public IP address. This is not possible with\n EndpointType set to VPC_ENDPOINT.

      \n
      " + "smithy.api#documentation": "

      The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC)\n or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and \n resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.

      \n \n

      After May 19, 2021, you won't be able to create a server using\n EndpointType=VPC_ENDPOINT in your Amazon Web Services account if your account hasn't already\n done so before May 19, 2021. If you have already created servers with\n EndpointType=VPC_ENDPOINT in your Amazon Web Services account on or before May 19, 2021,\n you will not be affected. After this date, use\n EndpointType=VPC.

      \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n

      It is recommended that you use VPC as the EndpointType. With\n this endpoint type, you have the option to directly associate up to three Elastic IPv4\n addresses (BYO IP included) with your server's endpoint and use VPC security groups to\n restrict traffic by the client's public IP address. This is not possible with\n EndpointType set to VPC_ENDPOINT.

      \n
      " } }, "HostKey": { "target": "com.amazonaws.transfer#HostKey", "traits": { - "smithy.api#documentation": "

      The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want\n to rotate keys, or have a set of active keys that use different algorithms.

      \n \n

      Use the following command to generate an RSA 2048 bit key with no passphrase:

      \n

      \n ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key.

      \n

      Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.

      \n \n

      Use the following command to generate an ECDSA 256 bit key with no passphrase:

      \n

      \n ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key.

      \n

      Valid values for the -b option for ECDSA are 256, 384, and 521.

      \n \n

      Use the following command to generate an ED25519 key with no passphrase:

      \n

      \n ssh-keygen -t ed25519 -N \"\" -f my-new-server-key.

      \n \n

      For all of these commands, you can replace my-new-server-key with a string of your choice.

      \n\n \n

      If you aren't planning to migrate existing users from an existing SFTP-enabled\n server to a new server, don't update the host key. Accidentally changing a\n server's host key can be disruptive.

      \n
      \n\n \n\n

      For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.

      " + "smithy.api#documentation": "

      The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want\n to rotate keys, or have a set of active keys that use different algorithms.

      \n

      Use the following command to generate an RSA 2048 bit key with no passphrase:

      \n

      \n ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key.

      \n

      Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.

      \n

      Use the following command to generate an ECDSA 256 bit key with no passphrase:

      \n

      \n ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key.

      \n

      Valid values for the -b option for ECDSA are 256, 384, and 521.

      \n

      Use the following command to generate an ED25519 key with no passphrase:

      \n

      \n ssh-keygen -t ed25519 -N \"\" -f my-new-server-key.

      \n

      For all of these commands, you can replace my-new-server-key with a string of your choice.

      \n \n

      If you aren't planning to migrate existing users from an existing SFTP-enabled\n server to a new server, don't update the host key. Accidentally changing a\n server's host key can be disruptive.

      \n
      \n

      For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.

      " } }, "IdentityProviderDetails": { @@ -826,13 +835,13 @@ "PreAuthenticationLoginBanner": { "target": "com.amazonaws.transfer#PreAuthenticationLoginBanner", "traits": { - "smithy.api#documentation": "

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.\n For example, the following banner displays details about using the system:

      \n \n

      \n This system is for the use of authorized users only. Individuals using this computer system without authority,\n or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by\n system personnel.\n

      " + "smithy.api#documentation": "

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.\n For example, the following banner displays details about using the system:

      \n

      \n This system is for the use of authorized users only. Individuals using this computer system without authority,\n or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by\n system personnel.\n

      " } }, "Protocols": { "target": "com.amazonaws.transfer#Protocols", "traits": { - "smithy.api#documentation": "

      Specifies the file transfer protocol or protocols over which your file transfer protocol\n client can connect to your server's endpoint. The available protocols are:

      \n
        \n
      • \n

        \n SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over\n SSH

        \n
      • \n
      • \n

        \n FTPS (File Transfer Protocol Secure): File transfer with TLS\n encryption

        \n
      • \n
      • \n

        \n FTP (File Transfer Protocol): Unencrypted file transfer

        \n
      • \n
      • \n

        \n AS2 (Applicability Statement 2): used for transporting structured business-to-business data

        \n
      • \n
      \n\n \n
        \n
      • \n

        If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) \n which is used to identify your server when clients connect to it over\n FTPS.

        \n
      • \n
      • \n

        If Protocol includes either FTP or FTPS, then the\n EndpointType must be VPC and the\n IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.

        \n
      • \n
      • \n

        If Protocol includes FTP, then\n AddressAllocationIds cannot be associated.

        \n
      • \n
      • \n

        If Protocol is set only to SFTP, the EndpointType\n can be set to PUBLIC and the IdentityProviderType can be set to\n SERVICE_MANAGED.

        \n
      • \n
      • \n

        If Protocol includes AS2, then the\n EndpointType must be VPC, and domain must be Amazon S3.

        \n
      • \n
      \n
      " + "smithy.api#documentation": "

      Specifies the file transfer protocol or protocols over which your file transfer protocol\n client can connect to your server's endpoint. The available protocols are:

      \n
        \n
      • \n

        \n SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over\n SSH

        \n
      • \n
      • \n

        \n FTPS (File Transfer Protocol Secure): File transfer with TLS\n encryption

        \n
      • \n
      • \n

        \n FTP (File Transfer Protocol): Unencrypted file transfer

        \n
      • \n
      • \n

        \n AS2 (Applicability Statement 2): used for transporting structured business-to-business data

        \n
      • \n
      \n \n
        \n
      • \n

        If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) \n which is used to identify your server when clients connect to it over\n FTPS.

        \n
      • \n
      • \n

        If Protocol includes either FTP or FTPS, then the\n EndpointType must be VPC and the\n IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.

        \n
      • \n
      • \n

        If Protocol includes FTP, then\n AddressAllocationIds cannot be associated.

        \n
      • \n
      • \n

        If Protocol is set only to SFTP, the EndpointType\n can be set to PUBLIC and the IdentityProviderType can be set to\n SERVICE_MANAGED.

        \n
      • \n
      • \n

        If Protocol includes AS2, then the\n EndpointType must be VPC, and domain must be Amazon S3.

        \n
      • \n
      \n
      " } }, "ProtocolDetails": { @@ -920,13 +929,13 @@ "HomeDirectoryMappings": { "target": "com.amazonaws.transfer#HomeDirectoryMappings", "traits": { - "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n\n

      The following is an Entry and Target pair example.

      \n\n

      \n [ { \"Entry\": \"/directory1\", \"Target\":\n \"/bucket_name/home/mydirectory\" } ]\n

      \n\n

      In most cases, you can use this value instead of the session policy to lock your user\n down to the designated home directory (\"chroot\"). To do this, you can set\n Entry to / and set Target to the HomeDirectory\n parameter value.

      \n

      The following is an Entry and Target pair example for chroot.

      \n

      \n [ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]\n

      " + "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n

      The following is an Entry and Target pair example.

      \n

      \n [ { \"Entry\": \"/directory1\", \"Target\":\n \"/bucket_name/home/mydirectory\" } ]\n

      \n

      In most cases, you can use this value instead of the session policy to lock your user\n down to the designated home directory (\"chroot\"). To do this, you can set\n Entry to / and set Target to the HomeDirectory\n parameter value.

      \n

      The following is an Entry and Target pair example for chroot.

      \n

      \n [ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]\n

      " } }, "Policy": { "target": "com.amazonaws.transfer#Policy", "traits": { - "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n\n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n\n \n\n

      For an example of a session policy, see Example session\n policy.

      \n\n \n\n

      For more information, see AssumeRole in the Amazon Web Services\n Security Token Service API Reference.

      \n
      " + "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n

      For an example of a session policy, see Example session\n policy.

      \n

      For more information, see AssumeRole in the Amazon Web Services\n Security Token Service API Reference.

      \n
      " } }, "PosixProfile": { @@ -1199,7 +1208,7 @@ "ExternalId": { "target": "com.amazonaws.transfer#ExternalId", "traits": { - "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n\n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n\n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", + "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", "smithy.api#required": {} } } @@ -1438,7 +1447,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Deletes the file transfer protocol-enabled server that you specify.

      \n\n

      No response returns from this operation.

      " + "smithy.api#documentation": "

      Deletes the file transfer protocol-enabled server that you specify.

      \n

      No response returns from this operation.

      " } }, "com.amazonaws.transfer#DeleteServerRequest": { @@ -1551,7 +1560,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Deletes the user belonging to a file transfer protocol-enabled server you specify.

      \n\n

      No response returns from this operation.

      \n\n \n

      When you delete a user from a server, the user's information is lost.

      \n
      " + "smithy.api#documentation": "

      Deletes the user belonging to a file transfer protocol-enabled server you specify.

      \n

      No response returns from this operation.

      \n \n

      When you delete a user from a server, the user's information is lost.

      \n
      " } }, "com.amazonaws.transfer#DeleteUserRequest": { @@ -1637,7 +1646,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Describes the access that is assigned to the specific file transfer protocol-enabled\n server, as identified by its ServerId property and its\n ExternalId.

      \n \n

      The response from this call returns the properties of the access that is associated with\n the ServerId value that was specified.

      " + "smithy.api#documentation": "

      Describes the access that is assigned to the specific file transfer protocol-enabled\n server, as identified by its ServerId property and its\n ExternalId.

      \n

      The response from this call returns the properties of the access that is associated with\n the ServerId value that was specified.

      " } }, "com.amazonaws.transfer#DescribeAccessRequest": { @@ -1653,7 +1662,7 @@ "ExternalId": { "target": "com.amazonaws.transfer#ExternalId", "traits": { - "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n\n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n\n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", + "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", "smithy.api#required": {} } } @@ -2079,7 +2088,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Describes a file transfer protocol-enabled server that you specify by passing the\n ServerId parameter.

      \n\n

      The response contains a description of a server's properties. When you set\n EndpointType to VPC, the response will contain the\n EndpointDetails.

      ", + "smithy.api#documentation": "

      Describes a file transfer protocol-enabled server that you specify by passing the\n ServerId parameter.

      \n

      The response contains a description of a server's properties. When you set\n EndpointType to VPC, the response will contain the\n EndpointDetails.

      ", "smithy.waiters#waitable": { "ServerOffline": { "acceptors": [ @@ -2181,7 +2190,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Describes the user assigned to the specific file transfer protocol-enabled server, as\n identified by its ServerId property.

      \n\n

      The response from this call returns the properties of the user associated with the\n ServerId value that was specified.

      " + "smithy.api#documentation": "

      Describes the user assigned to the specific file transfer protocol-enabled server, as\n identified by its ServerId property.

      \n

      The response from this call returns the properties of the user associated with the\n ServerId value that was specified.

      " } }, "com.amazonaws.transfer#DescribeUserRequest": { @@ -2284,7 +2293,7 @@ "HomeDirectoryMappings": { "target": "com.amazonaws.transfer#HomeDirectoryMappings", "traits": { - "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n \n

      In most cases, you can use this value instead of the session policy to lock down the\n associated access to the designated home directory (\"chroot\"). To do this, you\n can set Entry to '/' and set Target to the\n HomeDirectory parameter value.

      " + "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n

      In most cases, you can use this value instead of the session policy to lock down the\n associated access to the designated home directory (\"chroot\"). To do this, you\n can set Entry to '/' and set Target to the\n HomeDirectory parameter value.

      " } }, "HomeDirectoryType": { @@ -2311,7 +2320,7 @@ "ExternalId": { "target": "com.amazonaws.transfer#ExternalId", "traits": { - "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n\n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n\n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      " + "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      " } } }, @@ -2799,13 +2808,13 @@ "PreAuthenticationLoginBanner": { "target": "com.amazonaws.transfer#PreAuthenticationLoginBanner", "traits": { - "smithy.api#documentation": "

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.\n For example, the following banner displays details about using the system:

      \n \n

      \n This system is for the use of authorized users only. Individuals using this computer system without authority,\n or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by\n system personnel.\n

      " + "smithy.api#documentation": "

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.\n For example, the following banner displays details about using the system:

      \n

      \n This system is for the use of authorized users only. Individuals using this computer system without authority,\n or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by\n system personnel.\n

      " } }, "Protocols": { "target": "com.amazonaws.transfer#Protocols", "traits": { - "smithy.api#documentation": "

      Specifies the file transfer protocol or protocols over which your file transfer protocol\n client can connect to your server's endpoint. The available protocols are:

      \n
        \n
      • \n

        \n SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over\n SSH

        \n
      • \n
      • \n

        \n FTPS (File Transfer Protocol Secure): File transfer with TLS\n encryption

        \n
      • \n
      • \n

        \n FTP (File Transfer Protocol): Unencrypted file transfer

        \n
      • \n
      • \n

        \n AS2 (Applicability Statement 2): used for transporting structured business-to-business data

        \n
      • \n
      \n\n \n
        \n
      • \n

        If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) \n which is used to identify your server when clients connect to it over\n FTPS.

        \n
      • \n
      • \n

        If Protocol includes either FTP or FTPS, then the\n EndpointType must be VPC and the\n IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.

        \n
      • \n
      • \n

        If Protocol includes FTP, then\n AddressAllocationIds cannot be associated.

        \n
      • \n
      • \n

        If Protocol is set only to SFTP, the EndpointType\n can be set to PUBLIC and the IdentityProviderType can be set to\n SERVICE_MANAGED.

        \n
      • \n
      • \n

        If Protocol includes AS2, then the\n EndpointType must be VPC, and domain must be Amazon S3.

        \n
      • \n
      \n
      " + "smithy.api#documentation": "

      Specifies the file transfer protocol or protocols over which your file transfer protocol\n client can connect to your server's endpoint. The available protocols are:

      \n
        \n
      • \n

        \n SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over\n SSH

        \n
      • \n
      • \n

        \n FTPS (File Transfer Protocol Secure): File transfer with TLS\n encryption

        \n
      • \n
      • \n

        \n FTP (File Transfer Protocol): Unencrypted file transfer

        \n
      • \n
      • \n

        \n AS2 (Applicability Statement 2): used for transporting structured business-to-business data

        \n
      • \n
      \n \n
        \n
      • \n

        If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) \n which is used to identify your server when clients connect to it over\n FTPS.

        \n
      • \n
      • \n

        If Protocol includes either FTP or FTPS, then the\n EndpointType must be VPC and the\n IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.

        \n
      • \n
      • \n

        If Protocol includes FTP, then\n AddressAllocationIds cannot be associated.

        \n
      • \n
      • \n

        If Protocol is set only to SFTP, the EndpointType\n can be set to PUBLIC and the IdentityProviderType can be set to\n SERVICE_MANAGED.

        \n
      • \n
      • \n

        If Protocol includes AS2, then the\n EndpointType must be VPC, and domain must be Amazon S3.

        \n
      • \n
      \n
      " } }, "SecurityPolicyName": { @@ -2823,7 +2832,7 @@ "State": { "target": "com.amazonaws.transfer#State", "traits": { - "smithy.api#documentation": "

      The condition of the server that was described. A value of\n ONLINE indicates that the server can accept jobs and transfer files. A\n State value of OFFLINE means that the server cannot perform file\n transfer operations.

      \n\n

      The states of STARTING and STOPPING indicate that the server is\n in an intermediate state, either not fully able to respond, or not fully offline. The values\n of START_FAILED or STOP_FAILED can indicate an error\n condition.

      " + "smithy.api#documentation": "

      The condition of the server that was described. A value of\n ONLINE indicates that the server can accept jobs and transfer files. A\n State value of OFFLINE means that the server cannot perform file\n transfer operations.

      \n

      The states of STARTING and STOPPING indicate that the server is\n in an intermediate state, either not fully able to respond, or not fully offline. The values\n of START_FAILED or STOP_FAILED can indicate an error\n condition.

      " } }, "Tags": { @@ -2868,7 +2877,7 @@ "HomeDirectoryMappings": { "target": "com.amazonaws.transfer#HomeDirectoryMappings", "traits": { - "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n\n

      In most cases, you can use this value instead of the session policy to lock your user\n down to the designated home directory (\"chroot\"). To do this, you can set\n Entry to '/' and set Target to the HomeDirectory\n parameter value.

      " + "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n

      In most cases, you can use this value instead of the session policy to lock your user\n down to the designated home directory (\"chroot\"). To do this, you can set\n Entry to '/' and set Target to the HomeDirectory\n parameter value.

      " } }, "HomeDirectoryType": { @@ -3017,7 +3026,7 @@ } }, "traits": { - "smithy.api#documentation": "

      Reserved for future use.

      \n

      \n \n

      " + "smithy.api#documentation": "

      Reserved for future use.

      \n

      \n

      " } }, "com.amazonaws.transfer#EfsFileSystemId": { @@ -3086,36 +3095,36 @@ "AddressAllocationIds": { "target": "com.amazonaws.transfer#AddressAllocationIds", "traits": { - "smithy.api#documentation": "

      A list of address allocation IDs that are required to attach an Elastic IP address to your\n server's endpoint.

      \n\n \n\n

      This property can only be set when EndpointType is set to VPC\n and it is only valid in the UpdateServer API.

      \n
      " + "smithy.api#documentation": "

      A list of address allocation IDs that are required to attach an Elastic IP address to your\n server's endpoint.

      \n \n

      This property can only be set when EndpointType is set to VPC\n and it is only valid in the UpdateServer API.

      \n
      " } }, "SubnetIds": { "target": "com.amazonaws.transfer#SubnetIds", "traits": { - "smithy.api#documentation": "

      A list of subnet IDs that are required to host your server endpoint in your VPC.

      \n\n \n

      This property can only be set when EndpointType is set to\n VPC.

      \n
      " + "smithy.api#documentation": "

      A list of subnet IDs that are required to host your server endpoint in your VPC.

      \n \n

      This property can only be set when EndpointType is set to\n VPC.

      \n
      " } }, "VpcEndpointId": { "target": "com.amazonaws.transfer#VpcEndpointId", "traits": { - "smithy.api#documentation": "

      The identifier of the VPC endpoint.

      \n\n \n

      This property can only be set when EndpointType is set to\n VPC_ENDPOINT.

      \n \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n
      " + "smithy.api#documentation": "

      The identifier of the VPC endpoint.

      \n \n

      This property can only be set when EndpointType is set to\n VPC_ENDPOINT.

      \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n
      " } }, "VpcId": { "target": "com.amazonaws.transfer#VpcId", "traits": { - "smithy.api#documentation": "

      The VPC identifier of the VPC in which a server's endpoint will be hosted.

      \n\n \n

      This property can only be set when EndpointType is set to\n VPC.

      \n
      " + "smithy.api#documentation": "

      The VPC identifier of the VPC in which a server's endpoint will be hosted.

      \n \n

      This property can only be set when EndpointType is set to\n VPC.

      \n
      " } }, "SecurityGroupIds": { "target": "com.amazonaws.transfer#SecurityGroupIds", "traits": { - "smithy.api#documentation": "

      A list of security groups IDs that are available to attach to your server's\n endpoint.

      \n\n \n

      This property can only be set when EndpointType is set to\n VPC.

      \n\n

      You can edit the SecurityGroupIds property in the UpdateServer API only if you are changing the EndpointType from\n PUBLIC or VPC_ENDPOINT to VPC. To change security\n groups associated with your server's VPC endpoint after creation, use the Amazon EC2\n ModifyVpcEndpoint API.

      \n
      " + "smithy.api#documentation": "

      A list of security groups IDs that are available to attach to your server's\n endpoint.

      \n \n

      This property can only be set when EndpointType is set to\n VPC.

      \n

      You can edit the SecurityGroupIds property in the UpdateServer API only if you are changing the EndpointType from\n PUBLIC or VPC_ENDPOINT to VPC. To change security\n groups associated with your server's VPC endpoint after creation, use the Amazon EC2\n ModifyVpcEndpoint API.

      \n
      " } } }, "traits": { - "smithy.api#documentation": "

      The virtual private cloud (VPC) endpoint settings that are configured for your file\n transfer protocol-enabled server. With a VPC endpoint, you can restrict access to your server\n and resources only within your VPC. To control incoming internet traffic, invoke the\n UpdateServer API and attach an Elastic IP address to your server's\n endpoint.

      \n \n

      After May 19, 2021, you won't be able to create a server using\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount if your account hasn't already\n done so before May 19, 2021. If you have already created servers with\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021,\n you will not be affected. After this date, use\n EndpointType=VPC.

      \n \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n
      " + "smithy.api#documentation": "

      The virtual private cloud (VPC) endpoint settings that are configured for your file\n transfer protocol-enabled server. With a VPC endpoint, you can restrict access to your server\n and resources only within your VPC. To control incoming internet traffic, invoke the\n UpdateServer API and attach an Elastic IP address to your server's\n endpoint.

      \n \n

      After May 19, 2021, you won't be able to create a server using\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount if your account hasn't already\n done so before May 19, 2021. If you have already created servers with\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021,\n you will not be affected. After this date, use\n EndpointType=VPC.

      \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n
      " } }, "com.amazonaws.transfer#EndpointType": { @@ -3746,7 +3755,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Adds a Secure Shell (SSH) public key to a user account identified by a\n UserName value assigned to the specific file transfer protocol-enabled server,\n identified by ServerId.

      \n\n

      The response returns the UserName value, the ServerId value, and\n the name of the SshPublicKeyId.

      " + "smithy.api#documentation": "

      Adds a Secure Shell (SSH) public key to a user account identified by a\n UserName value assigned to the specific file transfer protocol-enabled server,\n identified by ServerId.

      \n

      The response returns the UserName value, the ServerId value, and\n the name of the SshPublicKeyId.

      " } }, "com.amazonaws.transfer#ImportSshPublicKeyRequest": { @@ -4799,7 +4808,7 @@ "ExternalId": { "target": "com.amazonaws.transfer#ExternalId", "traits": { - "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n\n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n\n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      " + "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      " } } }, @@ -5133,7 +5142,7 @@ "State": { "target": "com.amazonaws.transfer#State", "traits": { - "smithy.api#documentation": "

      The condition of the server that was described. A value of\n ONLINE indicates that the server can accept jobs and transfer files. A\n State value of OFFLINE means that the server cannot perform file\n transfer operations.

      \n\n

      The states of STARTING and STOPPING indicate that the server is\n in an intermediate state, either not fully able to respond, or not fully offline. The values\n of START_FAILED or STOP_FAILED can indicate an error\n condition.

      " + "smithy.api#documentation": "

      The condition of the server that was described. A value of\n ONLINE indicates that the server can accept jobs and transfer files. A\n State value of OFFLINE means that the server cannot perform file\n transfer operations.

      \n

      The states of STARTING and STOPPING indicate that the server is\n in an intermediate state, either not fully able to respond, or not fully offline. The values\n of START_FAILED or STOP_FAILED can indicate an error\n condition.

      " } }, "UserCount": { @@ -5178,7 +5187,7 @@ "Role": { "target": "com.amazonaws.transfer#Role", "traits": { - "smithy.api#documentation": "

      The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 \n bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users \n when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust \n relationship that allows the server to access your resources when servicing your users' transfer requests.

      \n \n\n

      The IAM role that controls your users' access to your Amazon S3 bucket for servers with Domain=S3, or your EFS file system for servers with Domain=EFS. \n

      \n

      The policies attached to this role determine the level of access you want to provide your users when \n transferring files into and out of your S3 buckets or EFS file systems.

      \n\n
      " + "smithy.api#documentation": "

      The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 \n bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users \n when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust \n relationship that allows the server to access your resources when servicing your users' transfer requests.

      \n \n

      The IAM role that controls your users' access to your Amazon S3 bucket for servers with Domain=S3, or your EFS file system for servers with Domain=EFS. \n

      \n

      The policies attached to this role determine the level of access you want to provide your users when \n transferring files into and out of your S3 buckets or EFS file systems.

      \n
      " } }, "SshPublicKeyCount": { @@ -5574,7 +5583,7 @@ "PassiveIp": { "target": "com.amazonaws.transfer#PassiveIp", "traits": { - "smithy.api#documentation": "

      \n Indicates passive mode, for FTP and FTPS protocols.\n Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer.\n For example:\n

      \n

      \n aws transfer update-server --protocol-details PassiveIp=0.0.0.0\n

      \n

      Replace 0.0.0.0 in the example above with the actual IP address you want to use.

      \n \n

      \n If you change the PassiveIp value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see Configuring your FTPS server behind a firewall or NAT with Transfer Family.\n

      \n
      \n

      \n Special values\n

      \n \n

      The AUTO and 0.0.0.0 are special values for the PassiveIp parameter. The value PassiveIp=AUTO\n is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response.\n PassiveIp=0.0.0.0 has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment,\n where you have 3 subnets, you can only specify a single IP address using the PassiveIp parameter. This reduces the effectiveness of having High Availability.\n In this case, you can specify PassiveIp=0.0.0.0. This tells the client to use the same IP address as the Control connection and utilize all AZs for their\n connections. Note, however, that not all FTP clients support the PassiveIp=0.0.0.0 response. FileZilla and WinSCP do support it. If you are using other\n clients, check to see if your client supports the PassiveIp=0.0.0.0 response.

      " + "smithy.api#documentation": "

      \n Indicates passive mode, for FTP and FTPS protocols.\n Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer.\n For example:\n

      \n

      \n aws transfer update-server --protocol-details PassiveIp=0.0.0.0\n

      \n

      Replace 0.0.0.0 in the example above with the actual IP address you want to use.

      \n \n

      \n If you change the PassiveIp value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see Configuring your FTPS server behind a firewall or NAT with Transfer Family.\n

      \n
      \n

      \n Special values\n

      \n

      The AUTO and 0.0.0.0 are special values for the PassiveIp parameter. The value PassiveIp=AUTO\n is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response.\n PassiveIp=0.0.0.0 has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment,\n where you have 3 subnets, you can only specify a single IP address using the PassiveIp parameter. This reduces the effectiveness of having High Availability.\n In this case, you can specify PassiveIp=0.0.0.0. This tells the client to use the same IP address as the Control connection and utilize all AZs for their\n connections. Note, however, that not all FTP clients support the PassiveIp=0.0.0.0 response. FileZilla and WinSCP do support it. If you are using other\n clients, check to see if your client supports the PassiveIp=0.0.0.0 response.

      " } }, "TlsSessionResumptionMode": { @@ -5586,7 +5595,7 @@ "SetStatOption": { "target": "com.amazonaws.transfer#SetStatOption", "traits": { - "smithy.api#documentation": "

      Use the SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.

      \n

      Some SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as SETSTAT when uploading the file.\n However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when \n the file is otherwise successfully uploaded.

      \n

      Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client.\n While the SetStatOption \n ENABLE_NO_OP setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a SETSTAT call.

      \n \n

      If you want to preserve the original timestamp for your file, and modify other file attributes using SETSTAT, you can use Amazon EFS as backend storage with Transfer Family.

      \n
      " + "smithy.api#documentation": "

      Use the SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.

      \n

      Some SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as SETSTAT when uploading the file.\n However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when \n the file is otherwise successfully uploaded.

      \n

      Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client.\n While the SetStatOption\n ENABLE_NO_OP setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a SETSTAT call.

      \n \n

      If you want to preserve the original timestamp for your file, and modify other file attributes using SETSTAT, you can use Amazon EFS as backend storage with Transfer Family.

      \n
      " } }, "As2Transports": { @@ -6240,7 +6249,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Changes the state of a file transfer protocol-enabled server from OFFLINE to\n ONLINE. It has no impact on a server that is already ONLINE. An\n ONLINE server can accept and process file transfer jobs.

      \n\n

      The state of STARTING indicates that the server is in an intermediate state,\n either not fully able to respond, or not fully online. The values of START_FAILED\n can indicate an error condition.

      \n\n

      No response is returned from this call.

      " + "smithy.api#documentation": "

      Changes the state of a file transfer protocol-enabled server from OFFLINE to\n ONLINE. It has no impact on a server that is already ONLINE. An\n ONLINE server can accept and process file transfer jobs.

      \n

      The state of STARTING indicates that the server is in an intermediate state,\n either not fully able to respond, or not fully online. The values of START_FAILED\n can indicate an error condition.

      \n

      No response is returned from this call.

      " } }, "com.amazonaws.transfer#StartServerRequest": { @@ -6296,7 +6305,7 @@ } }, "traits": { - "smithy.api#documentation": "

      Describes the condition of a file transfer protocol-enabled server with respect to its\n ability to perform file operations. There are six possible states: OFFLINE,\n ONLINE, STARTING, STOPPING,\n START_FAILED, and STOP_FAILED.

      \n\n

      \n OFFLINE indicates that the server exists, but that it is not available for\n file operations. ONLINE indicates that the server is available to perform file\n operations. STARTING indicates that the server's was instantiated, but the\n server is not yet available to perform file operations. Under normal conditions, it can take a\n couple of minutes for the server to be completely operational. Both START_FAILED\n and STOP_FAILED are error conditions.

      " + "smithy.api#documentation": "

      Describes the condition of a file transfer protocol-enabled server with respect to its\n ability to perform file operations. There are six possible states: OFFLINE,\n ONLINE, STARTING, STOPPING,\n START_FAILED, and STOP_FAILED.

      \n

      \n OFFLINE indicates that the server exists, but that it is not available for\n file operations. ONLINE indicates that the server is available to perform file\n operations. STARTING indicates that the server's was instantiated, but the\n server is not yet available to perform file operations. Under normal conditions, it can take a\n couple of minutes for the server to be completely operational. Both START_FAILED\n and STOP_FAILED are error conditions.

      " } }, "com.amazonaws.transfer#StatusCode": { @@ -6340,7 +6349,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Changes the state of a file transfer protocol-enabled server from ONLINE to\n OFFLINE. An OFFLINE server cannot accept and process file transfer\n jobs. Information tied to your server, such as server and user properties, are not affected by\n stopping your server.

      \n\n \n

      Stopping the server does not reduce or impact your file transfer protocol endpoint\n billing; you must delete the server to stop being billed.

      \n
      \n\n

      The state of STOPPING indicates that the server is in an intermediate state,\n either not fully able to respond, or not fully offline. The values of STOP_FAILED\n can indicate an error condition.

      \n\n

      No response is returned from this call.

      " + "smithy.api#documentation": "

      Changes the state of a file transfer protocol-enabled server from ONLINE to\n OFFLINE. An OFFLINE server cannot accept and process file transfer\n jobs. Information tied to your server, such as server and user properties, are not affected by\n stopping your server.

      \n \n

      Stopping the server does not reduce or impact your file transfer protocol endpoint\n billing; you must delete the server to stop being billed.

      \n
      \n

      The state of STOPPING indicates that the server is in an intermediate state,\n either not fully able to respond, or not fully offline. The values of STOP_FAILED\n can indicate an error condition.

      \n

      No response is returned from this call.

      " } }, "com.amazonaws.transfer#StopServerRequest": { @@ -6430,7 +6439,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Attaches a key-value pair to a resource, as identified by its Amazon Resource Name (ARN).\n Resources are users, servers, roles, and other entities.

      \n\n

      There is no response returned from this call.

      " + "smithy.api#documentation": "

      Attaches a key-value pair to a resource, as identified by its Amazon Resource Name (ARN).\n Resources are users, servers, roles, and other entities.

      \n

      There is no response returned from this call.

      " } }, "com.amazonaws.transfer#TagResourceRequest": { @@ -6538,7 +6547,7 @@ "ServerProtocol": { "target": "com.amazonaws.transfer#Protocol", "traits": { - "smithy.api#documentation": "

      The type of file transfer protocol to be tested.

      \n\n

      The available protocols are:

      \n\n
        \n
      • \n

        Secure Shell (SSH) File Transfer Protocol (SFTP)

        \n
      • \n
      • \n

        File Transfer Protocol Secure (FTPS)

        \n
      • \n
      • \n

        File Transfer Protocol (FTP)

        \n
      • \n
      " + "smithy.api#documentation": "

      The type of file transfer protocol to be tested.

      \n

      The available protocols are:

      \n
        \n
      • \n

        Secure Shell (SSH) File Transfer Protocol (SFTP)

        \n
      • \n
      • \n

        File Transfer Protocol Secure (FTPS)

        \n
      • \n
      • \n

        File Transfer Protocol (FTP)

        \n
      • \n
      " } }, "SourceIp": { @@ -6890,15 +6899,6 @@ "ref": "Endpoint" } ] - }, - { - "fn": "parseURL", - "argv": [ - { - "ref": "Endpoint" - } - ], - "assign": "url" } ], "type": "tree", @@ -7161,9 +7161,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-south-1" + "Region": "ap-south-1", + "UseDualStack": true } }, { @@ -7174,9 +7174,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-south-1" + "Region": "ap-south-1", + "UseDualStack": false } }, { @@ -7187,9 +7187,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-south-1" + "Region": "ap-south-1", + "UseDualStack": true } }, { @@ -7200,9 +7200,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-south-1" + "Region": "ap-south-1", + "UseDualStack": false } }, { @@ -7213,9 +7213,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "eu-south-1" + "Region": "eu-south-1", + "UseDualStack": true } }, { @@ -7226,9 +7226,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "eu-south-1" + "Region": "eu-south-1", + "UseDualStack": false } }, { @@ -7239,9 +7239,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "eu-south-1" + "Region": "eu-south-1", + "UseDualStack": true } }, { @@ -7252,9 +7252,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "eu-south-1" + "Region": "eu-south-1", + "UseDualStack": false } }, { @@ -7265,9 +7265,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "us-gov-east-1" + "Region": "us-gov-east-1", + "UseDualStack": true } }, { @@ -7278,9 +7278,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "us-gov-east-1" + "Region": "us-gov-east-1", + "UseDualStack": false } }, { @@ -7291,9 +7291,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "us-gov-east-1" + "Region": "us-gov-east-1", + "UseDualStack": true } }, { @@ -7304,9 +7304,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "us-gov-east-1" + "Region": "us-gov-east-1", + "UseDualStack": false } }, { @@ -7317,9 +7317,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ca-central-1" + "Region": "ca-central-1", + "UseDualStack": true } }, { @@ -7330,9 +7330,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ca-central-1" + "Region": "ca-central-1", + "UseDualStack": false } }, { @@ -7343,9 +7343,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ca-central-1" + "Region": "ca-central-1", + "UseDualStack": true } }, { @@ -7356,9 +7356,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ca-central-1" + "Region": "ca-central-1", + "UseDualStack": false } }, { @@ -7369,9 +7369,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "eu-central-1" + "Region": "eu-central-1", + "UseDualStack": true } }, { @@ -7382,9 +7382,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "eu-central-1" + "Region": "eu-central-1", + "UseDualStack": false } }, { @@ -7395,9 +7395,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "eu-central-1" + "Region": "eu-central-1", + "UseDualStack": true } }, { @@ -7408,9 +7408,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "eu-central-1" + "Region": "eu-central-1", + "UseDualStack": false } }, { @@ -7421,9 +7421,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "us-west-1" + "Region": "us-west-1", + "UseDualStack": true } }, { @@ -7434,9 +7434,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "us-west-1" + "Region": "us-west-1", + "UseDualStack": false } }, { @@ -7447,9 +7447,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "us-west-1" + "Region": "us-west-1", + "UseDualStack": true } }, { @@ -7460,9 +7460,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "us-west-1" + "Region": "us-west-1", + "UseDualStack": false } }, { @@ -7473,9 +7473,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "us-west-2" + "Region": "us-west-2", + "UseDualStack": true } }, { @@ -7486,9 +7486,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "us-west-2" + "Region": "us-west-2", + "UseDualStack": false } }, { @@ -7499,9 +7499,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "us-west-2" + "Region": "us-west-2", + "UseDualStack": true } }, { @@ -7512,9 +7512,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "us-west-2" + "Region": "us-west-2", + "UseDualStack": false } }, { @@ -7525,9 +7525,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "af-south-1" + "Region": "af-south-1", + "UseDualStack": true } }, { @@ -7538,9 +7538,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "af-south-1" + "Region": "af-south-1", + "UseDualStack": false } }, { @@ -7551,9 +7551,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "af-south-1" + "Region": "af-south-1", + "UseDualStack": true } }, { @@ -7564,9 +7564,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "af-south-1" + "Region": "af-south-1", + "UseDualStack": false } }, { @@ -7577,9 +7577,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "eu-north-1" + "Region": "eu-north-1", + "UseDualStack": true } }, { @@ -7590,9 +7590,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "eu-north-1" + "Region": "eu-north-1", + "UseDualStack": false } }, { @@ -7603,9 +7603,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "eu-north-1" + "Region": "eu-north-1", + "UseDualStack": true } }, { @@ -7616,9 +7616,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "eu-north-1" + "Region": "eu-north-1", + "UseDualStack": false } }, { @@ -7629,9 +7629,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "eu-west-3" + "Region": "eu-west-3", + "UseDualStack": true } }, { @@ -7642,9 +7642,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "eu-west-3" + "Region": "eu-west-3", + "UseDualStack": false } }, { @@ -7655,9 +7655,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "eu-west-3" + "Region": "eu-west-3", + "UseDualStack": true } }, { @@ -7668,9 +7668,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "eu-west-3" + "Region": "eu-west-3", + "UseDualStack": false } }, { @@ -7681,9 +7681,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "eu-west-2" + "Region": "eu-west-2", + "UseDualStack": true } }, { @@ -7694,9 +7694,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "eu-west-2" + "Region": "eu-west-2", + "UseDualStack": false } }, { @@ -7707,9 +7707,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "eu-west-2" + "Region": "eu-west-2", + "UseDualStack": true } }, { @@ -7720,9 +7720,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "eu-west-2" + "Region": "eu-west-2", + "UseDualStack": false } }, { @@ -7733,9 +7733,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "eu-west-1" + "Region": "eu-west-1", + "UseDualStack": true } }, { @@ -7746,9 +7746,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "eu-west-1" + "Region": "eu-west-1", + "UseDualStack": false } }, { @@ -7759,9 +7759,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "eu-west-1" + "Region": "eu-west-1", + "UseDualStack": true } }, { @@ -7772,9 +7772,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "eu-west-1" + "Region": "eu-west-1", + "UseDualStack": false } }, { @@ -7785,9 +7785,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-northeast-3" + "Region": "ap-northeast-3", + "UseDualStack": true } }, { @@ -7798,9 +7798,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-northeast-3" + "Region": "ap-northeast-3", + "UseDualStack": false } }, { @@ -7811,9 +7811,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-northeast-3" + "Region": "ap-northeast-3", + "UseDualStack": true } }, { @@ -7824,9 +7824,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-northeast-3" + "Region": "ap-northeast-3", + "UseDualStack": false } }, { @@ -7837,9 +7837,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-northeast-2" + "Region": "ap-northeast-2", + "UseDualStack": true } }, { @@ -7850,9 +7850,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-northeast-2" + "Region": "ap-northeast-2", + "UseDualStack": false } }, { @@ -7863,9 +7863,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-northeast-2" + "Region": "ap-northeast-2", + "UseDualStack": true } }, { @@ -7876,9 +7876,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-northeast-2" + "Region": "ap-northeast-2", + "UseDualStack": false } }, { @@ -7889,9 +7889,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-northeast-1" + "Region": "ap-northeast-1", + "UseDualStack": true } }, { @@ -7902,9 +7902,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-northeast-1" + "Region": "ap-northeast-1", + "UseDualStack": false } }, { @@ -7915,9 +7915,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-northeast-1" + "Region": "ap-northeast-1", + "UseDualStack": true } }, { @@ -7928,9 +7928,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-northeast-1" + "Region": "ap-northeast-1", + "UseDualStack": false } }, { @@ -7941,9 +7941,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "me-south-1" + "Region": "me-south-1", + "UseDualStack": true } }, { @@ -7954,9 +7954,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "me-south-1" + "Region": "me-south-1", + "UseDualStack": false } }, { @@ -7967,9 +7967,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "me-south-1" + "Region": "me-south-1", + "UseDualStack": true } }, { @@ -7980,9 +7980,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "me-south-1" + "Region": "me-south-1", + "UseDualStack": false } }, { @@ -7993,9 +7993,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "sa-east-1" + "Region": "sa-east-1", + "UseDualStack": true } }, { @@ -8006,9 +8006,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "sa-east-1" + "Region": "sa-east-1", + "UseDualStack": false } }, { @@ -8019,9 +8019,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "sa-east-1" + "Region": "sa-east-1", + "UseDualStack": true } }, { @@ -8032,9 +8032,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "sa-east-1" + "Region": "sa-east-1", + "UseDualStack": false } }, { @@ -8045,9 +8045,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-east-1" + "Region": "ap-east-1", + "UseDualStack": true } }, { @@ -8058,9 +8058,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-east-1" + "Region": "ap-east-1", + "UseDualStack": false } }, { @@ -8071,9 +8071,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-east-1" + "Region": "ap-east-1", + "UseDualStack": true } }, { @@ -8084,9 +8084,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-east-1" + "Region": "ap-east-1", + "UseDualStack": false } }, { @@ -8097,9 +8097,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "cn-north-1" + "Region": "cn-north-1", + "UseDualStack": true } }, { @@ -8110,9 +8110,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "cn-north-1" + "Region": "cn-north-1", + "UseDualStack": false } }, { @@ -8123,9 +8123,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "cn-north-1" + "Region": "cn-north-1", + "UseDualStack": true } }, { @@ -8136,9 +8136,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "cn-north-1" + "Region": "cn-north-1", + "UseDualStack": false } }, { @@ -8149,9 +8149,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "us-gov-west-1" + "Region": "us-gov-west-1", + "UseDualStack": true } }, { @@ -8162,9 +8162,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "us-gov-west-1" + "Region": "us-gov-west-1", + "UseDualStack": false } }, { @@ -8175,9 +8175,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "us-gov-west-1" + "Region": "us-gov-west-1", + "UseDualStack": true } }, { @@ -8188,9 +8188,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "us-gov-west-1" + "Region": "us-gov-west-1", + "UseDualStack": false } }, { @@ -8201,9 +8201,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-southeast-1" + "Region": "ap-southeast-1", + "UseDualStack": true } }, { @@ -8214,9 +8214,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-southeast-1" + "Region": "ap-southeast-1", + "UseDualStack": false } }, { @@ -8227,9 +8227,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-southeast-1" + "Region": "ap-southeast-1", + "UseDualStack": true } }, { @@ -8240,9 +8240,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-southeast-1" + "Region": "ap-southeast-1", + "UseDualStack": false } }, { @@ -8253,9 +8253,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-southeast-2" + "Region": "ap-southeast-2", + "UseDualStack": true } }, { @@ -8266,9 +8266,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-southeast-2" + "Region": "ap-southeast-2", + "UseDualStack": false } }, { @@ -8279,9 +8279,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-southeast-2" + "Region": "ap-southeast-2", + "UseDualStack": true } }, { @@ -8292,9 +8292,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-southeast-2" + "Region": "ap-southeast-2", + "UseDualStack": false } }, { @@ -8305,9 +8305,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "ap-southeast-3" + "Region": "ap-southeast-3", + "UseDualStack": true } }, { @@ -8318,9 +8318,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "ap-southeast-3" + "Region": "ap-southeast-3", + "UseDualStack": false } }, { @@ -8331,9 +8331,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "ap-southeast-3" + "Region": "ap-southeast-3", + "UseDualStack": true } }, { @@ -8344,9 +8344,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "ap-southeast-3" + "Region": "ap-southeast-3", + "UseDualStack": false } }, { @@ -8357,9 +8357,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "us-east-1" + "Region": "us-east-1", + "UseDualStack": true } }, { @@ -8370,9 +8370,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "us-east-1" + "Region": "us-east-1", + "UseDualStack": false } }, { @@ -8383,9 +8383,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "us-east-1" + "Region": "us-east-1", + "UseDualStack": true } }, { @@ -8396,9 +8396,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "us-east-1" + "Region": "us-east-1", + "UseDualStack": false } }, { @@ -8409,9 +8409,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "us-east-2" + "Region": "us-east-2", + "UseDualStack": true } }, { @@ -8422,9 +8422,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "us-east-2" + "Region": "us-east-2", + "UseDualStack": false } }, { @@ -8435,9 +8435,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "us-east-2" + "Region": "us-east-2", + "UseDualStack": true } }, { @@ -8448,9 +8448,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "us-east-2" + "Region": "us-east-2", + "UseDualStack": false } }, { @@ -8461,9 +8461,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": true, - "Region": "cn-northwest-1" + "Region": "cn-northwest-1", + "UseDualStack": true } }, { @@ -8474,9 +8474,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": true, - "Region": "cn-northwest-1" + "Region": "cn-northwest-1", + "UseDualStack": false } }, { @@ -8487,9 +8487,9 @@ } }, "params": { - "UseDualStack": true, "UseFIPS": false, - "Region": "cn-northwest-1" + "Region": "cn-northwest-1", + "UseDualStack": true } }, { @@ -8500,9 +8500,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, - "Region": "cn-northwest-1" + "Region": "cn-northwest-1", + "UseDualStack": false } }, { @@ -8513,9 +8513,9 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, "Region": "us-east-1", + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -8525,9 +8525,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "UseDualStack": false, "UseFIPS": true, "Region": "us-east-1", + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -8537,9 +8537,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "UseDualStack": true, "UseFIPS": false, "Region": "us-east-1", + "UseDualStack": true, "Endpoint": "https://example.com" } } @@ -8571,7 +8571,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Detaches a key-value pair from a resource, as identified by its Amazon Resource Name\n (ARN). Resources are users, servers, roles, and other entities.

      \n\n

      No response is returned from this call.

      " + "smithy.api#documentation": "

      Detaches a key-value pair from a resource, as identified by its Amazon Resource Name\n (ARN). Resources are users, servers, roles, and other entities.

      \n

      No response is returned from this call.

      " } }, "com.amazonaws.transfer#UntagResourceRequest": { @@ -8616,6 +8616,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -8646,7 +8649,7 @@ "Policy": { "target": "com.amazonaws.transfer#Policy", "traits": { - "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n

      For an example of a session policy, see Example\n session policy.

      \n

      For more information, see AssumeRole in the Amazon Web ServicesSecurity Token Service API\n Reference.

      \n
      " + "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n

      For an example of a session policy, see Example\n session policy.

      \n

      For more information, see AssumeRole in the Amazon Web ServicesSecurity Token Service API\n Reference.

      \n
      " } }, "PosixProfile": { @@ -8668,7 +8671,7 @@ "ExternalId": { "target": "com.amazonaws.transfer#ExternalId", "traits": { - "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n\n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n\n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", + "smithy.api#documentation": "

      A unique identifier that is required to identify specific groups within your directory.\n The users of the group that you associate have access to your Amazon S3 or Amazon EFS\n resources over the enabled protocols using Transfer Family. If you know the group name,\n you can view the SID values by running the following command using Windows PowerShell.

      \n

      \n Get-ADGroup -Filter {samAccountName -like \"YourGroupName*\"} -Properties * | Select SamAccountName,ObjectSid\n

      \n

      In that command, replace YourGroupName with the name of your Active Directory group.

      \n

      The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces.\n You can also include underscores or any of the following characters: =,.@:/-

      ", "smithy.api#required": {} } } @@ -8716,6 +8719,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -8809,6 +8815,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -8880,6 +8889,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -9028,6 +9040,9 @@ }, { "target": "com.amazonaws.transfer#ServiceUnavailableException" + }, + { + "target": "com.amazonaws.transfer#ThrottlingException" } ], "traits": { @@ -9099,7 +9114,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Updates the file transfer protocol-enabled server's properties after that server has\n been created.

      \n\n

      The UpdateServer call returns the ServerId of the server you\n updated.

      " + "smithy.api#documentation": "

      Updates the file transfer protocol-enabled server's properties after that server has\n been created.

      \n

      The UpdateServer call returns the ServerId of the server you\n updated.

      " } }, "com.amazonaws.transfer#UpdateServerRequest": { @@ -9108,7 +9123,7 @@ "Certificate": { "target": "com.amazonaws.transfer#Certificate", "traits": { - "smithy.api#documentation": "

      The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required\n when Protocols is set to FTPS.

      \n\n

      To request a new public certificate, see Request a public certificate\n in the Amazon Web ServicesCertificate Manager User Guide.

      \n\n

      To import an existing certificate into ACM, see Importing certificates into ACM\n in the Amazon Web ServicesCertificate Manager User Guide.

      \n\n

      To request a private certificate to use FTPS through private IP addresses, see Request a\n private certificate in the Amazon Web ServicesCertificate Manager User\n Guide.

      \n\n

      Certificates with the following cryptographic algorithms and key sizes are\n supported:

      \n\n
        \n
      • \n

        2048-bit RSA (RSA_2048)

        \n
      • \n
      • \n

        4096-bit RSA (RSA_4096)

        \n
      • \n
      • \n

        Elliptic Prime Curve 256 bit (EC_prime256v1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 384 bit (EC_secp384r1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 521 bit (EC_secp521r1)

        \n
      • \n
      \n\n \n

      The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP\n address specified and information about the issuer.

      \n
      " + "smithy.api#documentation": "

      The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required\n when Protocols is set to FTPS.

      \n

      To request a new public certificate, see Request a public certificate\n in the Amazon Web ServicesCertificate Manager User Guide.

      \n

      To import an existing certificate into ACM, see Importing certificates into ACM\n in the Amazon Web ServicesCertificate Manager User Guide.

      \n

      To request a private certificate to use FTPS through private IP addresses, see Request a\n private certificate in the Amazon Web ServicesCertificate Manager User\n Guide.

      \n

      Certificates with the following cryptographic algorithms and key sizes are\n supported:

      \n
        \n
      • \n

        2048-bit RSA (RSA_2048)

        \n
      • \n
      • \n

        4096-bit RSA (RSA_4096)

        \n
      • \n
      • \n

        Elliptic Prime Curve 256 bit (EC_prime256v1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 384 bit (EC_secp384r1)

        \n
      • \n
      • \n

        Elliptic Prime Curve 521 bit (EC_secp521r1)

        \n
      • \n
      \n \n

      The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP\n address specified and information about the issuer.

      \n
      " } }, "ProtocolDetails": { @@ -9126,13 +9141,13 @@ "EndpointType": { "target": "com.amazonaws.transfer#EndpointType", "traits": { - "smithy.api#documentation": "

      The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC)\n or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and \n resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.

      \n \n

      After May 19, 2021, you won't be able to create a server using\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount if your account hasn't already\n done so before May 19, 2021. If you have already created servers with\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021,\n you will not be affected. After this date, use\n EndpointType=VPC.

      \n \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n

      It is recommended that you use VPC as the EndpointType. With\n this endpoint type, you have the option to directly associate up to three Elastic IPv4\n addresses (BYO IP included) with your server's endpoint and use VPC security groups to\n restrict traffic by the client's public IP address. This is not possible with\n EndpointType set to VPC_ENDPOINT.

      \n
      " + "smithy.api#documentation": "

      The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC)\n or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and \n resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.

      \n \n

      After May 19, 2021, you won't be able to create a server using\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount if your account hasn't already\n done so before May 19, 2021. If you have already created servers with\n EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021,\n you will not be affected. After this date, use\n EndpointType=VPC.

      \n

      For more information, see\n https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.

      \n

      It is recommended that you use VPC as the EndpointType. With\n this endpoint type, you have the option to directly associate up to three Elastic IPv4\n addresses (BYO IP included) with your server's endpoint and use VPC security groups to\n restrict traffic by the client's public IP address. This is not possible with\n EndpointType set to VPC_ENDPOINT.

      \n
      " } }, "HostKey": { "target": "com.amazonaws.transfer#HostKey", "traits": { - "smithy.api#documentation": "

      The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want\n to rotate keys, or have a set of active keys that use different algorithms.

      \n \n

      Use the following command to generate an RSA 2048 bit key with no passphrase:

      \n

      \n ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key.

      \n

      Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.

      \n \n

      Use the following command to generate an ECDSA 256 bit key with no passphrase:

      \n

      \n ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key.

      \n

      Valid values for the -b option for ECDSA are 256, 384, and 521.

      \n \n

      Use the following command to generate an ED25519 key with no passphrase:

      \n

      \n ssh-keygen -t ed25519 -N \"\" -f my-new-server-key.

      \n \n

      For all of these commands, you can replace my-new-server-key with a string of your choice.

      \n\n \n

      If you aren't planning to migrate existing users from an existing SFTP-enabled\n server to a new server, don't update the host key. Accidentally changing a\n server's host key can be disruptive.

      \n
      \n\n \n\n

      For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.

      " + "smithy.api#documentation": "

      The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want\n to rotate keys, or have a set of active keys that use different algorithms.

      \n

      Use the following command to generate an RSA 2048 bit key with no passphrase:

      \n

      \n ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key.

      \n

      Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096.

      \n

      Use the following command to generate an ECDSA 256 bit key with no passphrase:

      \n

      \n ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key.

      \n

      Valid values for the -b option for ECDSA are 256, 384, and 521.

      \n

      Use the following command to generate an ED25519 key with no passphrase:

      \n

      \n ssh-keygen -t ed25519 -N \"\" -f my-new-server-key.

      \n

      For all of these commands, you can replace my-new-server-key with a string of your choice.

      \n \n

      If you aren't planning to migrate existing users from an existing SFTP-enabled\n server to a new server, don't update the host key. Accidentally changing a\n server's host key can be disruptive.

      \n
      \n

      For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.

      " } }, "IdentityProviderDetails": { @@ -9156,13 +9171,13 @@ "PreAuthenticationLoginBanner": { "target": "com.amazonaws.transfer#PreAuthenticationLoginBanner", "traits": { - "smithy.api#documentation": "

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.\n For example, the following banner displays details about using the system:

      \n \n

      \n This system is for the use of authorized users only. Individuals using this computer system without authority,\n or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by\n system personnel.\n

      " + "smithy.api#documentation": "

      Specifies a string to display when users connect to a server. This string is displayed before the user authenticates.\n For example, the following banner displays details about using the system:

      \n

      \n This system is for the use of authorized users only. Individuals using this computer system without authority,\n or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by\n system personnel.\n

      " } }, "Protocols": { "target": "com.amazonaws.transfer#Protocols", "traits": { - "smithy.api#documentation": "

      Specifies the file transfer protocol or protocols over which your file transfer protocol\n client can connect to your server's endpoint. The available protocols are:

      \n
        \n
      • \n

        \n SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over\n SSH

        \n
      • \n
      • \n

        \n FTPS (File Transfer Protocol Secure): File transfer with TLS\n encryption

        \n
      • \n
      • \n

        \n FTP (File Transfer Protocol): Unencrypted file transfer

        \n
      • \n
      • \n

        \n AS2 (Applicability Statement 2): used for transporting structured business-to-business data

        \n
      • \n
      \n\n \n
        \n
      • \n

        If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) \n which is used to identify your server when clients connect to it over\n FTPS.

        \n
      • \n
      • \n

        If Protocol includes either FTP or FTPS, then the\n EndpointType must be VPC and the\n IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.

        \n
      • \n
      • \n

        If Protocol includes FTP, then\n AddressAllocationIds cannot be associated.

        \n
      • \n
      • \n

        If Protocol is set only to SFTP, the EndpointType\n can be set to PUBLIC and the IdentityProviderType can be set to\n SERVICE_MANAGED.

        \n
      • \n
      • \n

        If Protocol includes AS2, then the\n EndpointType must be VPC, and domain must be Amazon S3.

        \n
      • \n
      \n
      " + "smithy.api#documentation": "

      Specifies the file transfer protocol or protocols over which your file transfer protocol\n client can connect to your server's endpoint. The available protocols are:

      \n
        \n
      • \n

        \n SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over\n SSH

        \n
      • \n
      • \n

        \n FTPS (File Transfer Protocol Secure): File transfer with TLS\n encryption

        \n
      • \n
      • \n

        \n FTP (File Transfer Protocol): Unencrypted file transfer

        \n
      • \n
      • \n

        \n AS2 (Applicability Statement 2): used for transporting structured business-to-business data

        \n
      • \n
      \n \n
        \n
      • \n

        If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) \n which is used to identify your server when clients connect to it over\n FTPS.

        \n
      • \n
      • \n

        If Protocol includes either FTP or FTPS, then the\n EndpointType must be VPC and the\n IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.

        \n
      • \n
      • \n

        If Protocol includes FTP, then\n AddressAllocationIds cannot be associated.

        \n
      • \n
      • \n

        If Protocol is set only to SFTP, the EndpointType\n can be set to PUBLIC and the IdentityProviderType can be set to\n SERVICE_MANAGED.

        \n
      • \n
      • \n

        If Protocol includes AS2, then the\n EndpointType must be VPC, and domain must be Amazon S3.

        \n
      • \n
      \n
      " } }, "SecurityPolicyName": { @@ -9224,7 +9239,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Assigns new properties to a user. Parameters you pass modify any or all of the following:\n the home directory, role, and policy for the UserName and ServerId\n you specify.

      \n\n

      The response returns the ServerId and the UserName for the\n updated user.

      " + "smithy.api#documentation": "

      Assigns new properties to a user. Parameters you pass modify any or all of the following:\n the home directory, role, and policy for the UserName and ServerId\n you specify.

      \n

      The response returns the ServerId and the UserName for the\n updated user.

      " } }, "com.amazonaws.transfer#UpdateUserRequest": { @@ -9245,13 +9260,13 @@ "HomeDirectoryMappings": { "target": "com.amazonaws.transfer#HomeDirectoryMappings", "traits": { - "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n\n

      The following is an Entry and Target pair example.

      \n

      \n [ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]\n

      \n\n

      In most cases, you can use this value instead of the session policy to lock down your\n user to the designated home directory (\"chroot\"). To do this, you can set\n Entry to '/' and set Target to the HomeDirectory\n parameter value.

      \n\n

      The following is an Entry and Target pair example for chroot.

      \n

      \n [ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]\n

      " + "smithy.api#documentation": "

      Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should\n be visible to your user and how you want to make them visible. You must specify the\n Entry and Target pair, where Entry shows how the path\n is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you\n only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM) \n role provides access to paths in Target. This value\n can be set only when HomeDirectoryType is set to\n LOGICAL.

      \n

      The following is an Entry and Target pair example.

      \n

      \n [ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]\n

      \n

      In most cases, you can use this value instead of the session policy to lock down your\n user to the designated home directory (\"chroot\"). To do this, you can set\n Entry to '/' and set Target to the HomeDirectory\n parameter value.

      \n

      The following is an Entry and Target pair example for chroot.

      \n

      \n [ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]\n

      " } }, "Policy": { "target": "com.amazonaws.transfer#Policy", "traits": { - "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n \n \n\n

      For an example of a session policy, see Creating a session\n policy.

      \n\n \n\n

      For more information, see AssumeRole in the Amazon Web Services\n Security Token Service API Reference.

      \n
      " + "smithy.api#documentation": "

      A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's\n access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},\n ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.

      \n \n

      This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies.

      \n

      For session policies, Transfer Family stores the policy as a JSON blob, instead\n of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass\n it in the Policy argument.

      \n

      For an example of a session policy, see Creating a session\n policy.

      \n

      For more information, see AssumeRole in the Amazon Web Services\n Security Token Service API Reference.

      \n
      " } }, "PosixProfile": {