Struct aws_sdk_transfer::client::Client
source · [−]pub struct Client { /* private fields */ }
Expand description
Client for AWS Transfer Family
Client for invoking operations on AWS Transfer Family. Each operation on AWS Transfer Family is a method on this
this struct. .send()
MUST be invoked on the generated operations to dispatch the request to the service.
Examples
Constructing a client and invoking an operation
// create a shared configuration. This can be used & shared between multiple service clients.
let shared_config = aws_config::load_from_env().await;
let client = aws_sdk_transfer::Client::new(&shared_config);
// invoke an operation
/* let rsp = client
.<operation_name>().
.<param>("some value")
.send().await; */
Constructing a client with custom configuration
use aws_config::RetryConfig;
let shared_config = aws_config::load_from_env().await;
let config = aws_sdk_transfer::config::Builder::from(&shared_config)
.retry_config(RetryConfig::disabled())
.build();
let client = aws_sdk_transfer::Client::from_conf(config);
Implementations
sourceimpl Client
impl Client
sourcepub fn with_config(
client: Client<DynConnector, DynMiddleware<DynConnector>>,
conf: Config
) -> Self
pub fn with_config(
client: Client<DynConnector, DynMiddleware<DynConnector>>,
conf: Config
) -> Self
Creates a client with the given service configuration.
sourceimpl Client
impl Client
sourcepub fn create_access(&self) -> CreateAccess
pub fn create_access(&self) -> CreateAccess
Constructs a fluent builder for the CreateAccess
operation.
- The fluent builder is configurable:
home_directory(impl Into<String>)
/set_home_directory(Option<String>)
:The landing directory (folder) for a user when they log in to the server using the client.
A
HomeDirectory
example is/bucket_name/home/mydirectory
.home_directory_type(HomeDirectoryType)
/set_home_directory_type(Option<HomeDirectoryType>)
:The type of landing directory (folder) you want your users’ home directory to be when they log into the server. If you set it to
PATH
, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients. If you set itLOGICAL
, you need to provide mappings in theHomeDirectoryMappings
for how you want to make Amazon S3 or EFS paths visible to your users.home_directory_mappings(Vec<HomeDirectoryMapEntry>)
/set_home_directory_mappings(Option<Vec<HomeDirectoryMapEntry>>)
:Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the
Entry
andTarget
pair, whereEntry
shows how the path is made visible andTarget
is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity and Access Management (IAM) role provides access to paths inTarget
. This value can only be set whenHomeDirectoryType
is set to LOGICAL.The following is an
Entry
andTarget
pair example.[ { “Entry”: “/directory1”, “Target”: “/bucket_name/home/mydirectory” } ]
In most cases, you can use this value instead of the session policy to lock down your user to the designated home directory (“
chroot
”). To do this, you can setEntry
to/
and setTarget
to theHomeDirectory
parameter value.The following is an
Entry
andTarget
pair example forchroot
.[ { “Entry”: “/”, “Target”: “/bucket_name/home/mydirectory” } ]
policy(impl Into<String>)
/set_policy(Option<String>)
:A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
.This only applies when the domain of
ServerId
is S3. EFS does not use session policies.For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the
Policy
argument.For an example of a session policy, see Example session policy.
For more information, see AssumeRole in the Amazon Web Services Security Token Service API Reference.
posix_profile(PosixProfile)
/set_posix_profile(Option<PosixProfile>)
:The full POSIX identity, including user ID (
Uid
), group ID (Gid
), and any secondary groups IDs (SecondaryGids
), that controls your users’ access to your Amazon EFS file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.role(impl Into<String>)
/set_role(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users’ access to your Amazon S3 bucket or EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users’ transfer requests.
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
external_id(impl Into<String>)
/set_external_id(Option<String>)
:A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.
Get-ADGroup -Filter {samAccountName -like “YourGroupName*”} -Properties * | Select SamAccountName,ObjectSid
In that command, replace YourGroupName with the name of your Active Directory group.
The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
- On success, responds with
CreateAccessOutput
with field(s):server_id(Option<String>)
:The ID of the server that the user is attached to.
external_id(Option<String>)
:The external ID of the group whose users have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web Services Transfer Family.
- On failure, responds with
SdkError<CreateAccessError>
sourcepub fn create_server(&self) -> CreateServer
pub fn create_server(&self) -> CreateServer
Constructs a fluent builder for the CreateServer
operation.
- The fluent builder is configurable:
certificate(impl Into<String>)
/set_certificate(Option<String>)
:The Amazon Resource Name (ARN) of the Amazon Web Services Certificate Manager (ACM) certificate. Required when
Protocols
is set toFTPS
.To request a new public certificate, see Request a public certificate in the Amazon Web Services Certificate Manager User Guide.
To import an existing certificate into ACM, see Importing certificates into ACM in the Amazon Web Services Certificate Manager User Guide.
To request a private certificate to use FTPS through private IP addresses, see Request a private certificate in the Amazon Web Services Certificate Manager User Guide.
Certificates with the following cryptographic algorithms and key sizes are supported:
-
2048-bit RSA (RSA_2048)
-
4096-bit RSA (RSA_4096)
-
Elliptic Prime Curve 256 bit (EC_prime256v1)
-
Elliptic Prime Curve 384 bit (EC_secp384r1)
-
Elliptic Prime Curve 521 bit (EC_secp521r1)
The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.
-
domain(Domain)
/set_domain(Option<Domain>)
:The domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.
After the server is created, the domain cannot be changed.
endpoint_details(EndpointDetails)
/set_endpoint_details(Option<EndpointDetails>)
:The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make it accessible only to resources within your VPC, or you can attach Elastic IP addresses and make it accessible to clients over the internet. Your VPC’s default security groups are automatically assigned to your endpoint.
endpoint_type(EndpointType)
/set_endpoint_type(Option<EndpointType>)
:The type of endpoint that you want your server to use. You can choose to make your server’s endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.
After May 19, 2021, you won’t be able to create a server using
EndpointType=VPC_ENDPOINT
in your Amazon Web Services account if your account hasn’t already done so before May 19, 2021. If you have already created servers withEndpointType=VPC_ENDPOINT
in your Amazon Web Services account on or before May 19, 2021, you will not be affected. After this date, useEndpointType
=VPC
.For more information, see https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.
It is recommended that you use
VPC
as theEndpointType
. With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server’s endpoint and use VPC security groups to restrict traffic by the client’s public IP address. This is not possible withEndpointType
set toVPC_ENDPOINT
.host_key(impl Into<String>)
/set_host_key(Option<String>)
:The RSA private key as generated by the
ssh-keygen -N “” -m PEM -f my-new-server-key
command.If you aren’t planning to migrate existing users from an existing SFTP-enabled server to a new server, don’t update the host key. Accidentally changing a server’s host key can be disruptive.
For more information, see Change the host key for your SFTP-enabled server in the Amazon Web Services Transfer Family User Guide.
identity_provider_details(IdentityProviderDetails)
/set_identity_provider_details(Option<IdentityProviderDetails>)
:Required when
IdentityProviderType
is set toAWS_DIRECTORY_SERVICE
orAPI_GATEWAY
. Accepts an array containing all of the information required to use a directory inAWS_DIRECTORY_SERVICE
or invoke a customer-supplied authentication API, including the API Gateway URL. Not required whenIdentityProviderType
is set toSERVICE_MANAGED
.identity_provider_type(IdentityProviderType)
/set_identity_provider_type(Option<IdentityProviderType>)
:Specifies the mode of authentication for a server. The default value is
SERVICE_MANAGED
, which allows you to store and access user credentials within the Amazon Web Services Transfer Family service.Use
AWS_DIRECTORY_SERVICE
to provide access to Active Directory groups in Amazon Web Services Managed Active Directory or Microsoft Active Directory in your on-premises environment or in Amazon Web Services using AD Connectors. This option also requires you to provide a Directory ID using theIdentityProviderDetails
parameter.Use the
API_GATEWAY
value to integrate with an identity provider of your choosing. TheAPI_GATEWAY
setting requires you to provide an API Gateway endpoint URL to call for authentication using theIdentityProviderDetails
parameter.Use the
AWS_LAMBDA
value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in theFunction
parameter for theIdentityProviderDetails
data type.logging_role(impl Into<String>)
/set_logging_role(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in your CloudWatch logs.
post_authentication_login_banner(impl Into<String>)
/set_post_authentication_login_banner(Option<String>)
:Specify a string to display when users connect to a server. This string is displayed after the user authenticates.
The SFTP protocol does not support post-authentication display banners.
pre_authentication_login_banner(impl Into<String>)
/set_pre_authentication_login_banner(Option<String>)
:Specify a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system.
This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.
protocols(Vec<Protocol>)
/set_protocols(Option<Vec<Protocol>>)
:Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server’s endpoint. The available protocols are:
-
SFTP
(Secure Shell (SSH) File Transfer Protocol): File transfer over SSH -
FTPS
(File Transfer Protocol Secure): File transfer with TLS encryption -
FTP
(File Transfer Protocol): Unencrypted file transfer
If you select
FTPS
, you must choose a certificate stored in Amazon Web Services Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.If
Protocol
includes eitherFTP
orFTPS
, then theEndpointType
must beVPC
and theIdentityProviderType
must beAWS_DIRECTORY_SERVICE
orAPI_GATEWAY
.If
Protocol
includesFTP
, thenAddressAllocationIds
cannot be associated.If
Protocol
is set only toSFTP
, theEndpointType
can be set toPUBLIC
and theIdentityProviderType
can be set toSERVICE_MANAGED
.-
protocol_details(ProtocolDetails)
/set_protocol_details(Option<ProtocolDetails>)
:The protocol settings that are configured for your server.
Use the
PassiveIp
parameter to indicate passive mode (for FTP and FTPS protocols). Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.Use the
TlsSessionResumptionMode
parameter to determine whether or not your Transfer server resumes recent, negotiated sessions through a unique session ID.security_policy_name(impl Into<String>)
/set_security_policy_name(Option<String>)
:Specifies the name of the security policy that is attached to the server.
tags(Vec<Tag>)
/set_tags(Option<Vec<Tag>>)
:Key-value pairs that can be used to group and search for servers.
workflow_details(WorkflowDetails)
/set_workflow_details(Option<WorkflowDetails>)
:Specifies the workflow ID for the workflow to assign and the execution role used for executing the workflow.
- On success, responds with
CreateServerOutput
with field(s):server_id(Option<String>)
:The service-assigned ID of the server that is created.
- On failure, responds with
SdkError<CreateServerError>
sourcepub fn create_user(&self) -> CreateUser
pub fn create_user(&self) -> CreateUser
Constructs a fluent builder for the CreateUser
operation.
- The fluent builder is configurable:
home_directory(impl Into<String>)
/set_home_directory(Option<String>)
:The landing directory (folder) for a user when they log in to the server using the client.
A
HomeDirectory
example is/bucket_name/home/mydirectory
.home_directory_type(HomeDirectoryType)
/set_home_directory_type(Option<HomeDirectoryType>)
:The type of landing directory (folder) you want your users’ home directory to be when they log into the server. If you set it to
PATH
, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients. If you set itLOGICAL
, you need to provide mappings in theHomeDirectoryMappings
for how you want to make Amazon S3 or EFS paths visible to your users.home_directory_mappings(Vec<HomeDirectoryMapEntry>)
/set_home_directory_mappings(Option<Vec<HomeDirectoryMapEntry>>)
:Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the
Entry
andTarget
pair, whereEntry
shows how the path is made visible andTarget
is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity and Access Management (IAM) role provides access to paths inTarget
. This value can only be set whenHomeDirectoryType
is set to LOGICAL.The following is an
Entry
andTarget
pair example.[ { “Entry”: “/directory1”, “Target”: “/bucket_name/home/mydirectory” } ]
In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (“
chroot
”). To do this, you can setEntry
to/
and setTarget
to the HomeDirectory parameter value.The following is an
Entry
andTarget
pair example forchroot
.[ { “Entry”: “/”, “Target”: “/bucket_name/home/mydirectory” } ]
policy(impl Into<String>)
/set_policy(Option<String>)
:A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
.This only applies when the domain of
ServerId
is S3. EFS does not use session policies.For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the
Policy
argument.For an example of a session policy, see Example session policy.
For more information, see AssumeRole in the Amazon Web Services Security Token Service API Reference.
posix_profile(PosixProfile)
/set_posix_profile(Option<PosixProfile>)
:Specifies the full POSIX identity, including user ID (
Uid
), group ID (Gid
), and any secondary groups IDs (SecondaryGids
), that controls your users’ access to your Amazon EFS file systems. The POSIX permissions that are set on files and directories in Amazon EFS determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.role(impl Into<String>)
/set_role(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users’ access to your Amazon S3 bucket or EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users’ transfer requests.
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
ssh_public_key_body(impl Into<String>)
/set_ssh_public_key_body(Option<String>)
:The public portion of the Secure Shell (SSH) key used to authenticate the user to the server.
Currently, Transfer Family does not accept elliptical curve keys (keys beginning with
ecdsa
).tags(Vec<Tag>)
/set_tags(Option<Vec<Tag>>)
:Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:A unique string that identifies a user and is associated with a
ServerId
. This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore ‘_’, hyphen ‘-’, period ‘.’, and at sign ‘@’. The user name can’t start with a hyphen, period, or at sign.
- On success, responds with
CreateUserOutput
with field(s):server_id(Option<String>)
:The ID of the server that the user is attached to.
user_name(Option<String>)
:A unique string that identifies a user account associated with a server.
- On failure, responds with
SdkError<CreateUserError>
sourcepub fn create_workflow(&self) -> CreateWorkflow
pub fn create_workflow(&self) -> CreateWorkflow
Constructs a fluent builder for the CreateWorkflow
operation.
- The fluent builder is configurable:
description(impl Into<String>)
/set_description(Option<String>)
:A textual description for the workflow.
steps(Vec<WorkflowStep>)
/set_steps(Option<Vec<WorkflowStep>>)
:Specifies the details for the steps that are in the specified workflow.
The
TYPE
specifies which of the following actions is being taken for this step.-
COPY: copy the file to another location
-
CUSTOM: custom step with a lambda target
-
DELETE: delete the file
-
TAG: add a tag to the file
Currently, copying and tagging are supported only on S3.
For file location, you specify either the S3 bucket and key, or the EFS filesystem ID and path.
-
on_exception_steps(Vec<WorkflowStep>)
/set_on_exception_steps(Option<Vec<WorkflowStep>>)
:Specifies the steps (actions) to take if errors are encountered during execution of the workflow.
For custom steps, the lambda function needs to send
FAILURE
to the call back API to kick off the exception steps. Additionally, if the lambda does not sendSUCCESS
before it times out, the exception steps are executed.tags(Vec<Tag>)
/set_tags(Option<Vec<Tag>>)
:Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.
- On success, responds with
CreateWorkflowOutput
with field(s):workflow_id(Option<String>)
:A unique identifier for the workflow.
- On failure, responds with
SdkError<CreateWorkflowError>
sourcepub fn delete_access(&self) -> DeleteAccess
pub fn delete_access(&self) -> DeleteAccess
Constructs a fluent builder for the DeleteAccess
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that has this user assigned.
external_id(impl Into<String>)
/set_external_id(Option<String>)
:A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.
Get-ADGroup -Filter {samAccountName -like “YourGroupName*”} -Properties * | Select SamAccountName,ObjectSid
In that command, replace YourGroupName with the name of your Active Directory group.
The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
- On success, responds with
DeleteAccessOutput
- On failure, responds with
SdkError<DeleteAccessError>
sourcepub fn delete_server(&self) -> DeleteServer
pub fn delete_server(&self) -> DeleteServer
Constructs a fluent builder for the DeleteServer
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A unique system-assigned identifier for a server instance.
- On success, responds with
DeleteServerOutput
- On failure, responds with
SdkError<DeleteServerError>
sourcepub fn delete_ssh_public_key(&self) -> DeleteSshPublicKey
pub fn delete_ssh_public_key(&self) -> DeleteSshPublicKey
Constructs a fluent builder for the DeleteSshPublicKey
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a file transfer protocol-enabled server instance that has the user assigned to it.
ssh_public_key_id(impl Into<String>)
/set_ssh_public_key_id(Option<String>)
:A unique identifier used to reference your user’s specific SSH key.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:A unique string that identifies a user whose public key is being deleted.
- On success, responds with
DeleteSshPublicKeyOutput
- On failure, responds with
SdkError<DeleteSshPublicKeyError>
sourcepub fn delete_user(&self) -> DeleteUser
pub fn delete_user(&self) -> DeleteUser
Constructs a fluent builder for the DeleteUser
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server instance that has the user assigned to it.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:A unique string that identifies a user that is being deleted from a server.
- On success, responds with
DeleteUserOutput
- On failure, responds with
SdkError<DeleteUserError>
sourcepub fn delete_workflow(&self) -> DeleteWorkflow
pub fn delete_workflow(&self) -> DeleteWorkflow
Constructs a fluent builder for the DeleteWorkflow
operation.
- The fluent builder is configurable:
workflow_id(impl Into<String>)
/set_workflow_id(Option<String>)
:A unique identifier for the workflow.
- On success, responds with
DeleteWorkflowOutput
- On failure, responds with
SdkError<DeleteWorkflowError>
sourcepub fn describe_access(&self) -> DescribeAccess
pub fn describe_access(&self) -> DescribeAccess
Constructs a fluent builder for the DescribeAccess
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that has this access assigned.
external_id(impl Into<String>)
/set_external_id(Option<String>)
:A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.
Get-ADGroup -Filter {samAccountName -like “YourGroupName*”} -Properties * | Select SamAccountName,ObjectSid
In that command, replace YourGroupName with the name of your Active Directory group.
The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
- On success, responds with
DescribeAccessOutput
with field(s):server_id(Option<String>)
:A system-assigned unique identifier for a server that has this access assigned.
access(Option<DescribedAccess>)
:The external ID of the server that the access is attached to.
- On failure, responds with
SdkError<DescribeAccessError>
sourcepub fn describe_execution(&self) -> DescribeExecution
pub fn describe_execution(&self) -> DescribeExecution
Constructs a fluent builder for the DescribeExecution
operation.
- The fluent builder is configurable:
execution_id(impl Into<String>)
/set_execution_id(Option<String>)
:A unique identifier for the execution of a workflow.
workflow_id(impl Into<String>)
/set_workflow_id(Option<String>)
:A unique identifier for the workflow.
- On success, responds with
DescribeExecutionOutput
with field(s):workflow_id(Option<String>)
:A unique identifier for the workflow.
execution(Option<DescribedExecution>)
:The structure that contains the details of the workflow’ execution.
- On failure, responds with
SdkError<DescribeExecutionError>
sourcepub fn describe_security_policy(&self) -> DescribeSecurityPolicy
pub fn describe_security_policy(&self) -> DescribeSecurityPolicy
Constructs a fluent builder for the DescribeSecurityPolicy
operation.
- The fluent builder is configurable:
security_policy_name(impl Into<String>)
/set_security_policy_name(Option<String>)
:Specifies the name of the security policy that is attached to the server.
- On success, responds with
DescribeSecurityPolicyOutput
with field(s):security_policy(Option<DescribedSecurityPolicy>)
:An array containing the properties of the security policy.
- On failure, responds with
SdkError<DescribeSecurityPolicyError>
sourcepub fn describe_server(&self) -> DescribeServer
pub fn describe_server(&self) -> DescribeServer
Constructs a fluent builder for the DescribeServer
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server.
- On success, responds with
DescribeServerOutput
with field(s):server(Option<DescribedServer>)
:An array containing the properties of a server with the
ServerID
you specified.
- On failure, responds with
SdkError<DescribeServerError>
sourcepub fn describe_user(&self) -> DescribeUser
pub fn describe_user(&self) -> DescribeUser
Constructs a fluent builder for the DescribeUser
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that has this user assigned.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:The name of the user assigned to one or more servers. User names are part of the sign-in credentials to use the Amazon Web Services Transfer Family service and perform file transfer tasks.
- On success, responds with
DescribeUserOutput
with field(s):server_id(Option<String>)
:A system-assigned unique identifier for a server that has this user assigned.
user(Option<DescribedUser>)
:An array containing the properties of the user account for the
ServerID
value that you specified.
- On failure, responds with
SdkError<DescribeUserError>
sourcepub fn describe_workflow(&self) -> DescribeWorkflow
pub fn describe_workflow(&self) -> DescribeWorkflow
Constructs a fluent builder for the DescribeWorkflow
operation.
- The fluent builder is configurable:
workflow_id(impl Into<String>)
/set_workflow_id(Option<String>)
:A unique identifier for the workflow.
- On success, responds with
DescribeWorkflowOutput
with field(s):workflow(Option<DescribedWorkflow>)
:The structure that contains the details of the workflow.
- On failure, responds with
SdkError<DescribeWorkflowError>
sourcepub fn import_ssh_public_key(&self) -> ImportSshPublicKey
pub fn import_ssh_public_key(&self) -> ImportSshPublicKey
Constructs a fluent builder for the ImportSshPublicKey
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server.
ssh_public_key_body(impl Into<String>)
/set_ssh_public_key_body(Option<String>)
:The public key portion of an SSH key pair.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:The name of the user account that is assigned to one or more servers.
- On success, responds with
ImportSshPublicKeyOutput
with field(s):server_id(Option<String>)
:A system-assigned unique identifier for a server.
ssh_public_key_id(Option<String>)
:The name given to a public key by the system that was imported.
user_name(Option<String>)
:A user name assigned to the
ServerID
value that you specified.
- On failure, responds with
SdkError<ImportSshPublicKeyError>
sourcepub fn list_accesses(&self) -> ListAccesses
pub fn list_accesses(&self) -> ListAccesses
Constructs a fluent builder for the ListAccesses
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the maximum number of access SIDs to return.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:When you can get additional results from the
ListAccesses
call, aNextToken
parameter is returned in the output. You can then pass in a subsequent command to theNextToken
parameter to continue listing additional accesses.server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that has users assigned to it.
- On success, responds with
ListAccessesOutput
with field(s):next_token(Option<String>)
:When you can get additional results from the
ListAccesses
call, aNextToken
parameter is returned in the output. You can then pass in a subsequent command to theNextToken
parameter to continue listing additional accesses.server_id(Option<String>)
:A system-assigned unique identifier for a server that has users assigned to it.
accesses(Option<Vec<ListedAccess>>)
:Returns the accesses and their properties for the
ServerId
value that you specify.
- On failure, responds with
SdkError<ListAccessesError>
sourcepub fn list_executions(&self) -> ListExecutions
pub fn list_executions(&self) -> ListExecutions
Constructs a fluent builder for the ListExecutions
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the aximum number of executions to return.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:ListExecutions
returns theNextToken
parameter in the output. You can then pass theNextToken
parameter in a subsequent command to continue listing additional executions.This is useful for pagination, for instance. If you have 100 executions for a workflow, you might only want to list first 10. If so, callthe API by specifing the
max-results
:aws transfer list-executions –max-results 10
This returns details for the first 10 executions, as well as the pointer (
NextToken
) to the eleventh execution. You can now call the API again, suppling theNextToken
value you received:aws transfer list-executions –max-results 10 –next-token $somePointerReturnedFromPreviousListResult
This call returns the next 10 executions, the 11th through the 20th. You can then repeat the call until the details for all 100 executions have been returned.
workflow_id(impl Into<String>)
/set_workflow_id(Option<String>)
:A unique identifier for the workflow.
- On success, responds with
ListExecutionsOutput
with field(s):next_token(Option<String>)
:ListExecutions
returns theNextToken
parameter in the output. You can then pass theNextToken
parameter in a subsequent command to continue listing additional executions.workflow_id(Option<String>)
:A unique identifier for the workflow.
executions(Option<Vec<ListedExecution>>)
:Returns the details for each execution.
-
NextToken: returned from a call to several APIs, you can use pass it to a subsequent command to continue listing additional executions.
-
StartTime: timestamp indicating when the execution began.
-
Executions: details of the execution, including the execution ID, initial file location, and Service metadata.
-
Status: one of the following values:
IN_PROGRESS
,COMPLETED
,EXCEPTION
,HANDLING_EXEPTION
.
-
- On failure, responds with
SdkError<ListExecutionsError>
sourcepub fn list_security_policies(&self) -> ListSecurityPolicies
pub fn list_security_policies(&self) -> ListSecurityPolicies
Constructs a fluent builder for the ListSecurityPolicies
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the number of security policies to return as a response to the
ListSecurityPolicies
query.next_token(impl Into<String>)
/set_next_token(Option<String>)
:When additional results are obtained from the
ListSecurityPolicies
command, aNextToken
parameter is returned in the output. You can then pass theNextToken
parameter in a subsequent command to continue listing additional security policies.
- On success, responds with
ListSecurityPoliciesOutput
with field(s):next_token(Option<String>)
:When you can get additional results from the
ListSecurityPolicies
operation, aNextToken
parameter is returned in the output. In a following command, you can pass in theNextToken
parameter to continue listing security policies.security_policy_names(Option<Vec<String>>)
:An array of security policies that were listed.
- On failure, responds with
SdkError<ListSecurityPoliciesError>
sourcepub fn list_servers(&self) -> ListServers
pub fn list_servers(&self) -> ListServers
Constructs a fluent builder for the ListServers
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the number of servers to return as a response to the
ListServers
query.next_token(impl Into<String>)
/set_next_token(Option<String>)
:When additional results are obtained from the
ListServers
command, aNextToken
parameter is returned in the output. You can then pass theNextToken
parameter in a subsequent command to continue listing additional servers.
- On success, responds with
ListServersOutput
with field(s):next_token(Option<String>)
:When you can get additional results from the
ListServers
operation, aNextToken
parameter is returned in the output. In a following command, you can pass in theNextToken
parameter to continue listing additional servers.servers(Option<Vec<ListedServer>>)
:An array of servers that were listed.
- On failure, responds with
SdkError<ListServersError>
Constructs a fluent builder for the ListTagsForResource
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
arn(impl Into<String>)
/set_arn(Option<String>)
:Requests the tags associated with a particular Amazon Resource Name (ARN). An ARN is an identifier for a specific Amazon Web Services resource, such as a server, user, or role.
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the number of tags to return as a response to the
ListTagsForResource
request.next_token(impl Into<String>)
/set_next_token(Option<String>)
:When you request additional results from the
ListTagsForResource
operation, aNextToken
parameter is returned in the input. You can then pass in a subsequent command to theNextToken
parameter to continue listing additional tags.
- On success, responds with
ListTagsForResourceOutput
with field(s):arn(Option<String>)
:The ARN you specified to list the tags of.
next_token(Option<String>)
:When you can get additional results from the
ListTagsForResource
call, aNextToken
parameter is returned in the output. You can then pass in a subsequent command to theNextToken
parameter to continue listing additional tags.tags(Option<Vec<Tag>>)
:Key-value pairs that are assigned to a resource, usually for the purpose of grouping and searching for items. Tags are metadata that you define.
- On failure, responds with
SdkError<ListTagsForResourceError>
sourcepub fn list_users(&self) -> ListUsers
pub fn list_users(&self) -> ListUsers
Constructs a fluent builder for the ListUsers
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the number of users to return as a response to the
ListUsers
request.next_token(impl Into<String>)
/set_next_token(Option<String>)
:When you can get additional results from the
ListUsers
call, aNextToken
parameter is returned in the output. You can then pass in a subsequent command to theNextToken
parameter to continue listing additional users.server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that has users assigned to it.
- On success, responds with
ListUsersOutput
with field(s):next_token(Option<String>)
:When you can get additional results from the
ListUsers
call, aNextToken
parameter is returned in the output. You can then pass in a subsequent command to theNextToken
parameter to continue listing additional users.server_id(Option<String>)
:A system-assigned unique identifier for a server that the users are assigned to.
users(Option<Vec<ListedUser>>)
:Returns the user accounts and their properties for the
ServerId
value that you specify.
- On failure, responds with
SdkError<ListUsersError>
sourcepub fn list_workflows(&self) -> ListWorkflows
pub fn list_workflows(&self) -> ListWorkflows
Constructs a fluent builder for the ListWorkflows
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:Specifies the maximum number of workflows to return.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:ListWorkflows
returns theNextToken
parameter in the output. You can then pass theNextToken
parameter in a subsequent command to continue listing additional workflows.
- On success, responds with
ListWorkflowsOutput
with field(s):next_token(Option<String>)
:ListWorkflows
returns theNextToken
parameter in the output. You can then pass theNextToken
parameter in a subsequent command to continue listing additional workflows.workflows(Option<Vec<ListedWorkflow>>)
:Returns the
Arn
,WorkflowId
, andDescription
for each workflow.
- On failure, responds with
SdkError<ListWorkflowsError>
sourcepub fn send_workflow_step_state(&self) -> SendWorkflowStepState
pub fn send_workflow_step_state(&self) -> SendWorkflowStepState
Constructs a fluent builder for the SendWorkflowStepState
operation.
- The fluent builder is configurable:
workflow_id(impl Into<String>)
/set_workflow_id(Option<String>)
:A unique identifier for the workflow.
execution_id(impl Into<String>)
/set_execution_id(Option<String>)
:A unique identifier for the execution of a workflow.
token(impl Into<String>)
/set_token(Option<String>)
:Used to distinguish between multiple callbacks for multiple Lambda steps within the same execution.
status(CustomStepStatus)
/set_status(Option<CustomStepStatus>)
:Indicates whether the specified step succeeded or failed.
- On success, responds with
SendWorkflowStepStateOutput
- On failure, responds with
SdkError<SendWorkflowStepStateError>
sourcepub fn start_server(&self) -> StartServer
pub fn start_server(&self) -> StartServer
Constructs a fluent builder for the StartServer
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that you start.
- On success, responds with
StartServerOutput
- On failure, responds with
SdkError<StartServerError>
sourcepub fn stop_server(&self) -> StopServer
pub fn stop_server(&self) -> StopServer
Constructs a fluent builder for the StopServer
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server that you stopped.
- On success, responds with
StopServerOutput
- On failure, responds with
SdkError<StopServerError>
sourcepub fn tag_resource(&self) -> TagResource
pub fn tag_resource(&self) -> TagResource
Constructs a fluent builder for the TagResource
operation.
- The fluent builder is configurable:
arn(impl Into<String>)
/set_arn(Option<String>)
:An Amazon Resource Name (ARN) for a specific Amazon Web Services resource, such as a server, user, or role.
tags(Vec<Tag>)
/set_tags(Option<Vec<Tag>>)
:Key-value pairs assigned to ARNs that you can use to group and search for resources by type. You can attach this metadata to user accounts for any purpose.
- On success, responds with
TagResourceOutput
- On failure, responds with
SdkError<TagResourceError>
sourcepub fn test_identity_provider(&self) -> TestIdentityProvider
pub fn test_identity_provider(&self) -> TestIdentityProvider
Constructs a fluent builder for the TestIdentityProvider
operation.
- The fluent builder is configurable:
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned identifier for a specific server. That server’s user authentication method is tested with a user name and password.
server_protocol(Protocol)
/set_server_protocol(Option<Protocol>)
:The type of file transfer protocol to be tested.
The available protocols are:
-
Secure Shell (SSH) File Transfer Protocol (SFTP)
-
File Transfer Protocol Secure (FTPS)
-
File Transfer Protocol (FTP)
-
source_ip(impl Into<String>)
/set_source_ip(Option<String>)
:The source IP address of the user account to be tested.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:The name of the user account to be tested.
user_password(impl Into<String>)
/set_user_password(Option<String>)
:The password of the user account to be tested.
- On success, responds with
TestIdentityProviderOutput
with field(s):response(Option<String>)
:The response that is returned from your API Gateway.
status_code(i32)
:The HTTP status code that is the response from your API Gateway.
message(Option<String>)
:A message that indicates whether the test was successful or not.
If an empty string is returned, the most likely cause is that the authentication failed due to an incorrect username or password.
url(Option<String>)
:The endpoint of the service used to authenticate a user.
- On failure, responds with
SdkError<TestIdentityProviderError>
sourcepub fn untag_resource(&self) -> UntagResource
pub fn untag_resource(&self) -> UntagResource
Constructs a fluent builder for the UntagResource
operation.
- The fluent builder is configurable:
arn(impl Into<String>)
/set_arn(Option<String>)
:The value of the resource that will have the tag removed. An Amazon Resource Name (ARN) is an identifier for a specific Amazon Web Services resource, such as a server, user, or role.
tag_keys(Vec<String>)
/set_tag_keys(Option<Vec<String>>)
:TagKeys are key-value pairs assigned to ARNs that can be used to group and search for resources by type. This metadata can be attached to resources for any purpose.
- On success, responds with
UntagResourceOutput
- On failure, responds with
SdkError<UntagResourceError>
sourcepub fn update_access(&self) -> UpdateAccess
pub fn update_access(&self) -> UpdateAccess
Constructs a fluent builder for the UpdateAccess
operation.
- The fluent builder is configurable:
home_directory(impl Into<String>)
/set_home_directory(Option<String>)
:The landing directory (folder) for a user when they log in to the server using the client.
A
HomeDirectory
example is/bucket_name/home/mydirectory
.home_directory_type(HomeDirectoryType)
/set_home_directory_type(Option<HomeDirectoryType>)
:The type of landing directory (folder) you want your users’ home directory to be when they log into the server. If you set it to
PATH
, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients. If you set itLOGICAL
, you need to provide mappings in theHomeDirectoryMappings
for how you want to make Amazon S3 or EFS paths visible to your users.home_directory_mappings(Vec<HomeDirectoryMapEntry>)
/set_home_directory_mappings(Option<Vec<HomeDirectoryMapEntry>>)
:Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the
Entry
andTarget
pair, whereEntry
shows how the path is made visible andTarget
is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity and Access Management (IAM) role provides access to paths inTarget
. This value can only be set whenHomeDirectoryType
is set to LOGICAL.The following is an
Entry
andTarget
pair example.[ { “Entry”: “/directory1”, “Target”: “/bucket_name/home/mydirectory” } ]
In most cases, you can use this value instead of the session policy to lock down your user to the designated home directory (“
chroot
”). To do this, you can setEntry
to/
and setTarget
to theHomeDirectory
parameter value.The following is an
Entry
andTarget
pair example forchroot
.[ { “Entry”: “/”, “Target”: “/bucket_name/home/mydirectory” } ]
policy(impl Into<String>)
/set_policy(Option<String>)
:A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
.This only applies when the domain of
ServerId
is S3. EFS does not use session policies.For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the
Policy
argument.For an example of a session policy, see Example session policy.
For more information, see AssumeRole in the Amazon Web ServicesSecurity Token Service API Reference.
posix_profile(PosixProfile)
/set_posix_profile(Option<PosixProfile>)
:The full POSIX identity, including user ID (
Uid
), group ID (Gid
), and any secondary groups IDs (SecondaryGids
), that controls your users’ access to your Amazon EFS file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.role(impl Into<String>)
/set_role(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users’ access to your Amazon S3 bucket or EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users’ transfer requests.
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
external_id(impl Into<String>)
/set_external_id(Option<String>)
:A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web Services Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.
Get-ADGroup -Filter {samAccountName -like “YourGroupName*”} -Properties * | Select SamAccountName,ObjectSid
In that command, replace YourGroupName with the name of your Active Directory group.
The regex used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
- On success, responds with
UpdateAccessOutput
with field(s):server_id(Option<String>)
:The ID of the server that the user is attached to.
external_id(Option<String>)
:The external ID of the group whose users have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web ServicesTransfer Family.
- On failure, responds with
SdkError<UpdateAccessError>
sourcepub fn update_server(&self) -> UpdateServer
pub fn update_server(&self) -> UpdateServer
Constructs a fluent builder for the UpdateServer
operation.
- The fluent builder is configurable:
certificate(impl Into<String>)
/set_certificate(Option<String>)
:The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required when
Protocols
is set toFTPS
.To request a new public certificate, see Request a public certificate in the Amazon Web ServicesCertificate Manager User Guide.
To import an existing certificate into ACM, see Importing certificates into ACM in the Amazon Web ServicesCertificate Manager User Guide.
To request a private certificate to use FTPS through private IP addresses, see Request a private certificate in the Amazon Web ServicesCertificate Manager User Guide.
Certificates with the following cryptographic algorithms and key sizes are supported:
-
2048-bit RSA (RSA_2048)
-
4096-bit RSA (RSA_4096)
-
Elliptic Prime Curve 256 bit (EC_prime256v1)
-
Elliptic Prime Curve 384 bit (EC_secp384r1)
-
Elliptic Prime Curve 521 bit (EC_secp521r1)
The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.
-
protocol_details(ProtocolDetails)
/set_protocol_details(Option<ProtocolDetails>)
:The protocol settings that are configured for your server.
Use the
PassiveIp
parameter to indicate passive mode (for FTP and FTPS protocols). Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.Use the
TlsSessionResumptionMode
parameter to determine whether or not your Transfer server resumes recent, negotiated sessions through a unique session ID.endpoint_details(EndpointDetails)
/set_endpoint_details(Option<EndpointDetails>)
:The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make it accessible only to resources within your VPC, or you can attach Elastic IP addresses and make it accessible to clients over the internet. Your VPC’s default security groups are automatically assigned to your endpoint.
endpoint_type(EndpointType)
/set_endpoint_type(Option<EndpointType>)
:The type of endpoint that you want your server to use. You can choose to make your server’s endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.
After May 19, 2021, you won’t be able to create a server using
EndpointType=VPC_ENDPOINT
in your Amazon Web Servicesaccount if your account hasn’t already done so before May 19, 2021. If you have already created servers withEndpointType=VPC_ENDPOINT
in your Amazon Web Servicesaccount on or before May 19, 2021, you will not be affected. After this date, useEndpointType
=VPC
.For more information, see https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.
It is recommended that you use
VPC
as theEndpointType
. With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server’s endpoint and use VPC security groups to restrict traffic by the client’s public IP address. This is not possible withEndpointType
set toVPC_ENDPOINT
.host_key(impl Into<String>)
/set_host_key(Option<String>)
:The RSA private key as generated by
ssh-keygen -N “” -m PEM -f my-new-server-key
.If you aren’t planning to migrate existing users from an existing server to a new server, don’t update the host key. Accidentally changing a server’s host key can be disruptive.
For more information, see Change the host key for your SFTP-enabled server in the Amazon Web ServicesTransfer Family User Guide.
identity_provider_details(IdentityProviderDetails)
/set_identity_provider_details(Option<IdentityProviderDetails>)
:An array containing all of the information required to call a customer’s authentication API method.
logging_role(impl Into<String>)
/set_logging_role(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the Amazon Web Services Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, user activity can be viewed in your CloudWatch logs.
post_authentication_login_banner(impl Into<String>)
/set_post_authentication_login_banner(Option<String>)
:Specify a string to display when users connect to a server. This string is displayed after the user authenticates.
The SFTP protocol does not support post-authentication display banners.
pre_authentication_login_banner(impl Into<String>)
/set_pre_authentication_login_banner(Option<String>)
:Specify a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system.
This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.
protocols(Vec<Protocol>)
/set_protocols(Option<Vec<Protocol>>)
:Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server’s endpoint. The available protocols are:
-
Secure Shell (SSH) File Transfer Protocol (SFTP): File transfer over SSH
-
File Transfer Protocol Secure (FTPS): File transfer with TLS encryption
-
File Transfer Protocol (FTP): Unencrypted file transfer
If you select
FTPS
, you must choose a certificate stored in Amazon Web ServicesCertificate Manager (ACM) which will be used to identify your server when clients connect to it over FTPS.If
Protocol
includes eitherFTP
orFTPS
, then theEndpointType
must beVPC
and theIdentityProviderType
must beAWS_DIRECTORY_SERVICE
orAPI_GATEWAY
.If
Protocol
includesFTP
, thenAddressAllocationIds
cannot be associated.If
Protocol
is set only toSFTP
, theEndpointType
can be set toPUBLIC
and theIdentityProviderType
can be set toSERVICE_MANAGED
.-
security_policy_name(impl Into<String>)
/set_security_policy_name(Option<String>)
:Specifies the name of the security policy that is attached to the server.
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server instance that the user account is assigned to.
workflow_details(WorkflowDetails)
/set_workflow_details(Option<WorkflowDetails>)
:Specifies the workflow ID for the workflow to assign and the execution role used for executing the workflow.
To remove an associated workflow from a server, you can provide an empty
OnUpload
object, as in the following example.aws transfer update-server –server-id s-01234567890abcdef –workflow-details ‘{“OnUpload”:[]}’
- On success, responds with
UpdateServerOutput
with field(s):server_id(Option<String>)
:A system-assigned unique identifier for a server that the user account is assigned to.
- On failure, responds with
SdkError<UpdateServerError>
sourcepub fn update_user(&self) -> UpdateUser
pub fn update_user(&self) -> UpdateUser
Constructs a fluent builder for the UpdateUser
operation.
- The fluent builder is configurable:
home_directory(impl Into<String>)
/set_home_directory(Option<String>)
:The landing directory (folder) for a user when they log in to the server using the client.
A
HomeDirectory
example is/bucket_name/home/mydirectory
.home_directory_type(HomeDirectoryType)
/set_home_directory_type(Option<HomeDirectoryType>)
:The type of landing directory (folder) you want your users’ home directory to be when they log into the server. If you set it to
PATH
, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol clients. If you set itLOGICAL
, you need to provide mappings in theHomeDirectoryMappings
for how you want to make Amazon S3 or EFS paths visible to your users.home_directory_mappings(Vec<HomeDirectoryMapEntry>)
/set_home_directory_mappings(Option<Vec<HomeDirectoryMapEntry>>)
:Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the
Entry
andTarget
pair, whereEntry
shows how the path is made visible andTarget
is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Amazon Web Services Identity and Access Management (IAM) role provides access to paths inTarget
. This value can only be set whenHomeDirectoryType
is set to LOGICAL.The following is an
Entry
andTarget
pair example.[ { “Entry”: “/directory1”, “Target”: “/bucket_name/home/mydirectory” } ]
In most cases, you can use this value instead of the session policy to lock down your user to the designated home directory (“
chroot
”). To do this, you can setEntry
to ‘/’ and setTarget
to the HomeDirectory parameter value.The following is an
Entry
andTarget
pair example forchroot
.[ { “Entry”: “/”, “Target”: “/bucket_name/home/mydirectory” } ]
policy(impl Into<String>)
/set_policy(Option<String>)
:A session policy for your user so that you can use the same IAM role across multiple users. This policy scopes down user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
.This only applies when the domain of
ServerId
is S3. EFS does not use session policies.For session policies, Amazon Web Services Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the
Policy
argument.For an example of a session policy, see Creating a session policy.
For more information, see AssumeRole in the Amazon Web Services Security Token Service API Reference.
posix_profile(PosixProfile)
/set_posix_profile(Option<PosixProfile>)
:Specifies the full POSIX identity, including user ID (
Uid
), group ID (Gid
), and any secondary groups IDs (SecondaryGids
), that controls your users’ access to your Amazon Elastic File Systems (Amazon EFS). The POSIX permissions that are set on files and directories in your file system determines the level of access your users get when transferring files into and out of your Amazon EFS file systems.role(impl Into<String>)
/set_role(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the IAM role that controls your users’ access to your Amazon S3 bucket or EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users’ transfer requests.
server_id(impl Into<String>)
/set_server_id(Option<String>)
:A system-assigned unique identifier for a server instance that the user account is assigned to.
user_name(impl Into<String>)
/set_user_name(Option<String>)
:A unique string that identifies a user and is associated with a server as specified by the
ServerId
. This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore ‘_’, hyphen ‘-’, period ‘.’, and at sign ‘@’. The user name can’t start with a hyphen, period, or at sign.
- On success, responds with
UpdateUserOutput
with field(s):server_id(Option<String>)
:A system-assigned unique identifier for a server instance that the user account is assigned to.
user_name(Option<String>)
:The unique identifier for a user that is assigned to a server instance that was specified in the request.
- On failure, responds with
SdkError<UpdateUserError>
sourceimpl Client
impl Client
sourcepub fn from_conf_conn<C, E>(conf: Config, conn: C) -> Self where
C: SmithyConnector<Error = E> + Send + 'static,
E: Into<ConnectorError>,
pub fn from_conf_conn<C, E>(conf: Config, conn: C) -> Self where
C: SmithyConnector<Error = E> + Send + 'static,
E: Into<ConnectorError>,
Creates a client with the given service config and connector override.
Trait Implementations
sourceimpl From<Client<DynConnector, DynMiddleware<DynConnector>, Standard>> for Client
impl From<Client<DynConnector, DynMiddleware<DynConnector>, Standard>> for Client
sourcefn from(client: Client<DynConnector, DynMiddleware<DynConnector>>) -> Self
fn from(client: Client<DynConnector, DynMiddleware<DynConnector>>) -> Self
Converts to this type from the input type.
Auto Trait Implementations
impl !RefUnwindSafe for Client
impl Send for Client
impl Sync for Client
impl Unpin for Client
impl !UnwindSafe for Client
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more