AWS Transfer for SFTP

2019/04/29 - AWS Transfer for SFTP - 3 updated api methods

Changes: This release adds support for per-server host-key management. You can now specify the SSH RSA private key used by your SFTP server.

CreateServer (updated)
Changes (request)
{'HostKey': 'string'}

Instantiates an autoscaling virtual server based on Secure File Transfer Protocol (SFTP) in AWS. The call returns the ServerId property assigned by the service to the newly created server. Reference this ServerId property when you make updates to your server, or work with users.

The response returns the ServerId value for the newly created server.

See also: AWS API Documentation

Request Syntax

client.create_server(
    EndpointDetails={
        'VpcEndpointId': 'string'
    },
    EndpointType='PUBLIC'|'VPC_ENDPOINT',
    HostKey='string',
    IdentityProviderDetails={
        'Url': 'string',
        'InvocationRole': 'string'
    },
    IdentityProviderType='SERVICE_MANAGED'|'API_GATEWAY',
    LoggingRole='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)

type EndpointDetails

dict

param EndpointDetails

The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server.

  • VpcEndpointId (string) --

    The ID of the VPC endpoint.

type EndpointType

string

param EndpointType

The type of VPC endpoint that you want your SFTP server to connect to. If you connect to a VPC endpoint, your SFTP server isn't accessible over the public internet.

type HostKey

string

param HostKey

The RSA private key as generated by the ssh-keygen -N "" -f my-new-server-key command.

Warning

If you aren't planning to migrate existing users from an existing SFTP server to a new AWS SFTP server, don't update the host key. Accidentally changing a server's host key can be disruptive. For more information, see change-host-key in the AWS SFTP User Guide.

type IdentityProviderDetails

dict

param IdentityProviderDetails

An array containing all of the information required to call a customer-supplied authentication API. This parameter is not required when the IdentityProviderType value of the server that is created is SERVICE_MANAGED.

  • Url (string) --

    The IdentityProviderDetail parameter contains the location of the service endpoint used to authenticate users.

  • InvocationRole (string) --

    The Role parameter provides the type of InvocationRole used to authenticate the user account.

type IdentityProviderType

string

param IdentityProviderType

The mode of authentication enabled for this service. The default value is SERVICE_MANAGED, which allows you to store and access SFTP user credentials within the service. An IdentityProviderType value of API_GATEWAY indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice.

type LoggingRole

string

param LoggingRole

A value that allows the service to write your SFTP users' activity to your Amazon CloudWatch logs for monitoring and auditing purposes.

type Tags

list

param Tags

Key-value pairs that can be used to group and search for servers.

  • (dict) --

    Creates a key-value pair for a specific resource. Tags are metadata that you can use to search for and group a resource for various purposes. You can apply tags to servers, users, and roles. A tag key can take more than one value. For example, to group servers for accounting purposes, you might create a tag called Group and assign the values Research and Accounting to that group.

    • Key (string) -- [REQUIRED]

      The name assigned to the tag that you create.

    • Value (string) -- [REQUIRED]

      This property contains one or more values that you assigned to the key name you create.

rtype

dict

returns

Response Syntax

{
    'ServerId': 'string'
}

Response Structure

  • (dict) --

    • ServerId (string) --

      The service-assigned ID of the SFTP server that is created.

DescribeServer (updated)
Changes (response)
{'Server': {'HostKeyFingerprint': 'string'}}

Describes the server that you specify by passing the ServerId parameter.

The response contains a description of the server's properties.

See also: AWS API Documentation

Request Syntax

client.describe_server(
    ServerId='string'
)

type ServerId

string

param ServerId

[REQUIRED]

A system-assigned unique identifier for an SFTP server.

rtype

dict

returns

Response Syntax

{
    'Server': {
        'Arn': 'string',
        'EndpointDetails': {
            'VpcEndpointId': 'string'
        },
        'EndpointType': 'PUBLIC'|'VPC_ENDPOINT',
        'HostKeyFingerprint': 'string',
        'IdentityProviderDetails': {
            'Url': 'string',
            'InvocationRole': 'string'
        },
        'IdentityProviderType': 'SERVICE_MANAGED'|'API_GATEWAY',
        'LoggingRole': 'string',
        'ServerId': 'string',
        'State': 'OFFLINE'|'ONLINE'|'STARTING'|'STOPPING'|'START_FAILED'|'STOP_FAILED',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'UserCount': 123
    }
}

Response Structure

  • (dict) --

    • Server (dict) --

      An array containing the properties of the server with the ServerId you specified.

      • Arn (string) --

        Specifies the unique Amazon Resource Name (ARN) for the server to be described.

      • EndpointDetails (dict) --

        The virtual private cloud (VPC) endpoint settings that you configured for your SFTP server.

        • VpcEndpointId (string) --

          The ID of the VPC endpoint.

      • EndpointType (string) --

        The type of endpoint that your SFTP server is connected to. If your SFTP server is connected to a VPC endpoint, your server isn't accessible over the public internet.

      • HostKeyFingerprint (string) --

        This value contains the Message-Digest Algorithm (MD5) hash of the server's host key. This value is equivalent to the output of the ssh-keygen -l -E md5 -f my-new-server-key command.

      • IdentityProviderDetails (dict) --

        Specifies information to call a customer-supplied authentication API. This field is not populated when the IdentityProviderType of the server is SERVICE_MANAGED.

        • Url (string) --

          The IdentityProviderDetail parameter contains the location of the service endpoint used to authenticate users.

        • InvocationRole (string) --

          The Role parameter provides the type of InvocationRole used to authenticate the user account.

      • IdentityProviderType (string) --

        This property defines the mode of authentication enabled for this service. A value of SERVICE_MANAGED means that you are using this server to store and access SFTP user credentials within the service. A value of API_GATEWAY indicates that you have integrated an API Gateway endpoint that will be invoked to authenticate your users into the service.

      • LoggingRole (string) --

        This property is an AWS Identity and Access Management (IAM) entity that allows the server to turn on Amazon CloudWatch logging for Amazon S3 events. When set, user activity can be viewed in your CloudWatch logs.

      • ServerId (string) --

        This property is a unique system-assigned identifier for the SFTP server that you instantiate.

      • State (string) --

        The condition of the SFTP server for the server that was described. A value of ONLINE indicates that the server can accept jobs and transfer files. A State value of OFFLINE means that the server cannot perform file transfer operations.

        The states of STARTING and STOPPING indicate that the server is in an intermediate state, either not fully able to respond, or not fully offline. The values of START_FAILED or STOP_FAILED can indicate an error condition.

      • Tags (list) --

        This property contains the key-value pairs that you can use to search for and group servers that were assigned to the server that was described.

        • (dict) --

          Creates a key-value pair for a specific resource. Tags are metadata that you can use to search for and group a resource for various purposes. You can apply tags to servers, users, and roles. A tag key can take more than one value. For example, to group servers for accounting purposes, you might create a tag called Group and assign the values Research and Accounting to that group.

          • Key (string) --

            The name assigned to the tag that you create.

          • Value (string) --

            This property contains one or more values that you assigned to the key name you create.

      • UserCount (integer) --

        The number of users that are assigned to the SFTP server you specified with the ServerId.
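
The HostKeyFingerprint field above can be checked against a host public key you already hold, for example after setting HostKey during a migration. The following is an added example, not part of the AWS documentation or SDK: the helper names are hypothetical, the sample key is constructed filler rather than a usable key, and it assumes the reported value contains the colon-separated hex digest that ssh-keygen -l -E md5 prints.

```python
import base64
import hashlib
import hmac
import re
import struct

# 16 hex pairs; the lookahead stops the "D5:" of an "MD5:" tag being read as a pair.
MD5_FP = re.compile(r"(?:[0-9a-f]{2}:){15}[0-9a-f]{2}(?![:0-9a-f])", re.IGNORECASE)


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data


def md5_fingerprint(key_line: str) -> str:
    """MD5 fingerprint (aa:bb:...) of an OpenSSH public key line."""
    fields = key_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob begins with its own key-type string; it must match the text prefix.
    if not blob.startswith(ssh_string(fields[0].encode("ascii"))):
        raise ValueError("key type does not match the encoded blob")
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fingerprint_matches(reported: str, key_line: str) -> bool:
    """Compare a reported fingerprint string with the locally computed one."""
    found = MD5_FP.search(reported)  # tolerates "2048 MD5:<hex> comment (RSA)"
    return bool(found) and hmac.compare_digest(found.group(0).lower(), md5_fingerprint(key_line))


def server_presents_key(client, server_id: str, key_line: str) -> bool:
    """Check DescribeServer's HostKeyFingerprint against a known public key."""
    server = client.describe_server(ServerId=server_id)["Server"]
    return fingerprint_matches(server.get("HostKeyFingerprint", ""), key_line)


def sample_pubkey_line() -> str:
    """Constructed ssh-rsa line: correct wire layout, filler modulus, not a usable key."""
    modulus = b"\x00" + bytes([0xC3]) * 256
    blob = ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(modulus)
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii") + " constructed@example"


if __name__ == "__main__":
    print(md5_fingerprint(sample_pubkey_line()))
```

Pass a boto3 Transfer client as client and the contents of my-new-server-key.pub as key_line; a False result means the server is not presenting the key you expect.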

UpdateServer (updated)
Changes (request)
{'HostKey': 'string'}

Updates the server properties after that server has been created.

The UpdateServer call returns the ServerId of the Secure File Transfer Protocol (SFTP) server you updated.

See also: AWS API Documentation

Request Syntax

client.update_server(
    EndpointDetails={
        'VpcEndpointId': 'string'
    },
    EndpointType='PUBLIC'|'VPC_ENDPOINT',
    HostKey='string',
    IdentityProviderDetails={
        'Url': 'string',
        'InvocationRole': 'string'
    },
    LoggingRole='string',
    ServerId='string'
)

type EndpointDetails

dict

param EndpointDetails

The virtual private cloud (VPC) endpoint settings that are configured for your SFTP server. With a VPC endpoint, your SFTP server isn't accessible over the public internet.

  • VpcEndpointId (string) --

    The ID of the VPC endpoint.

type EndpointType

string

param EndpointType

The type of endpoint that you want your SFTP server to connect to. You can choose to connect to the public internet or a virtual private cloud (VPC) endpoint. With a VPC endpoint, your SFTP server isn't accessible over the public internet.

type HostKey

string

param HostKey

The RSA private key as generated by the ssh-keygen -N "" -f my-new-server-key command.

Warning

If you aren't planning to migrate existing users from an existing SFTP server to a new AWS SFTP server, don't update the host key. Accidentally changing a server's host key can be disruptive. For more information, see change-host-key in the AWS SFTP User Guide.

type IdentityProviderDetails

dict

param IdentityProviderDetails

This response parameter is an array containing all of the information required to call a customer's authentication API method.

  • Url (string) --

    The IdentityProviderDetail parameter contains the location of the service endpoint used to authenticate users.

  • InvocationRole (string) --

    The Role parameter provides the type of InvocationRole used to authenticate the user account.

type LoggingRole

string

param LoggingRole

A value that changes the AWS Identity and Access Management (IAM) role that allows Amazon S3 events to be logged in Amazon CloudWatch, turning logging on or off.

type ServerId

string

param ServerId

[REQUIRED]

A system-assigned unique identifier for an SFTP server instance that the user account is assigned to.

rtype

dict

returns

Response Syntax

{
    'ServerId': 'string'
}

Response Structure

  • (dict) --

    • ServerId (string) --

      A system-assigned unique identifier for an SFTP server that the user account is assigned to.