AWS DataSync

{'AuthenticationType': 'NTLM | KERBEROS',
 'DnsIpAddresses': ['string'],
 'KerberosKeytab': 'blob',
 'KerberosKrb5Conf': 'blob',
 'KerberosPrincipal': 'string'}

Creates a transfer location for a Server Message Block (SMB) file server. DataSync can use this location as a source or destination for transferring data.

Before you begin, make sure that you understand how DataSync accesses SMB file servers. For more information, see Providing DataSync access to SMB file servers.

See also: AWS API Documentation

Request Syntax

client.create_location_smb(
    Subdirectory='string',
    ServerHostname='string',
    User='string',
    Domain='string',
    Password='string',
    AgentArns=[
        'string',
    ],
    MountOptions={
        'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
    },
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    AuthenticationType='NTLM'|'KERBEROS',
    DnsIpAddresses=[
        'string',
    ],
    KerberosPrincipal='string',
    KerberosKeytab=b'bytes',
    KerberosKrb5Conf=b'bytes'
)

type Subdirectory:

string

param Subdirectory:

[REQUIRED]

Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, /path/to/subdirectory). Make sure that other SMB clients in your network can also mount this path.

To copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see Providing DataSync access to SMB file servers.

type ServerHostname:

string

param ServerHostname:

[REQUIRED]

Specifies the domain name or IP address of the SMB file server that your DataSync agent will mount.

Remember the following when configuring this parameter:

• You can't specify an IP version 6 (IPv6) address.

• If you're using Kerberos authentication, you must specify a domain name.

type User:

string

param User:

Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if AuthenticationType is set to NTLM.

For information about choosing a user with the right level of access for your transfer, see Providing DataSync access to SMB file servers.

type Domain:

string

param Domain:

Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to NTLM.

If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.

type Password:

string

param Password:

Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if AuthenticationType is set to NTLM.

type AgentArns:

list

param AgentArns:

[REQUIRED]

Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).

• (string) --

type MountOptions:

dict

param MountOptions:

Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.

• Version (string) --

  By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

  These are the following options for configuring the SMB version:

  • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

  • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

  • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

  • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

  • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

type Tags:

list

param Tags:

Specifies labels that help you categorize, filter, and search for your Amazon Web Services resources. We recommend creating at least a name tag for your location.

• (dict) --

  A key-value pair representing a single tag that's been applied to an Amazon Web Services resource.

  • Key (string) -- [REQUIRED]

    The key for an Amazon Web Services resource tag.

  • Value (string) --

    The value for an Amazon Web Services resource tag.

type AuthenticationType:

string

param AuthenticationType:

Specifies the authentication protocol that DataSync uses to connect to your SMB file server. DataSync supports NTLM (default) and KERBEROS authentication.

type DnsIpAddresses:

list

param DnsIpAddresses:

Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS.

If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.

• (string) --

type KerberosPrincipal:

string

param KerberosPrincipal:

Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.

SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM.

Your task execution will fail if the SPN that you provide for this parameter doesn’t match what’s exactly in your keytab or krb5.conf files.

type KerberosKeytab:

bytes

param KerberosKeytab:

Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys.

You can specify the keytab using a file path (for example, file://path/to/file.keytab). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.

To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file.

type KerberosKrb5Conf:

bytes

param KerberosKrb5Conf:

Specifies a Kerberos configuration file ( krb5.conf) that defines your Kerberos realm configuration.

You can specify the krb5.conf using a file path (for example, file://path/to/krb5.conf). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.

To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string'
}

Response Structure

• (dict) --

  CreateLocationSmbResponse

  • LocationArn (string) --

    The ARN of the SMB location that you created.

{'AuthenticationType': 'NTLM | KERBEROS',
 'DnsIpAddresses': ['string'],
 'KerberosPrincipal': 'string'}

Provides details about how an DataSync transfer location for a Server Message Block (SMB) file server is configured.

See also: AWS API Documentation

Request Syntax

client.describe_location_smb(
    LocationArn='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) of the SMB location that you want information about.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string',
    'LocationUri': 'string',
    'AgentArns': [
        'string',
    ],
    'User': 'string',
    'Domain': 'string',
    'MountOptions': {
        'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
    },
    'CreationTime': datetime(2015, 1, 1),
    'DnsIpAddresses': [
        'string',
    ],
    'KerberosPrincipal': 'string',
    'AuthenticationType': 'NTLM'|'KERBEROS'
}

Response Structure

• (dict) --

  DescribeLocationSmbResponse

  • LocationArn (string) --

    The ARN of the SMB location.

  • LocationUri (string) --

    The URI of the SMB location.

  • AgentArns (list) --

    The ARNs of the DataSync agents that can connect with your SMB file server.

    • (string) --

  • User (string) --

    The user that can mount and access the files, folders, and file metadata in your SMB file server. This element applies only if AuthenticationType is set to NTLM.

  • Domain (string) --

    The name of the Windows domain that the SMB file server belongs to. This element applies only if AuthenticationType is set to NTLM.

  • MountOptions (dict) --

    The SMB protocol version that DataSync uses to access your SMB file server.

    • Version (string) --

      By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

      These are the following options for configuring the SMB version:

      • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

      • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

      • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

      • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

      • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

  • CreationTime (datetime) --

    The time that the SMB location was created.

  • DnsIpAddresses (list) --

    The IPv4 addresses for the DNS servers that your SMB file server belongs to. This element applies only if AuthenticationType is set to KERBEROS.

    • (string) --

  • KerberosPrincipal (string) --

    The Kerberos service principal name (SPN) that has permission to access the files, folders, and file metadata in your SMB file server.

  • AuthenticationType (string) --

    The authentication protocol that DataSync uses to connect to your SMB file server.

{'AuthenticationType': 'NTLM | KERBEROS',
 'DnsIpAddresses': ['string'],
 'KerberosKeytab': 'blob',
 'KerberosKrb5Conf': 'blob',
 'KerberosPrincipal': 'string'}

Modifies the following configuration parameters of the Server Message Block (SMB) transfer location that you're using with DataSync.

For more information, see Configuring DataSync transfers with an SMB file server.

See also: AWS API Documentation

Request Syntax

client.update_location_smb(
    LocationArn='string',
    Subdirectory='string',
    User='string',
    Domain='string',
    Password='string',
    AgentArns=[
        'string',
    ],
    MountOptions={
        'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
    },
    AuthenticationType='NTLM'|'KERBEROS',
    DnsIpAddresses=[
        'string',
    ],
    KerberosPrincipal='string',
    KerberosKeytab=b'bytes',
    KerberosKrb5Conf=b'bytes'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the ARN of the SMB location that you want to update.

type Subdirectory:

string

param Subdirectory:

Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, /path/to/subdirectory). Make sure that other SMB clients in your network can also mount this path.

To copy all data in the specified subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see Providing DataSync access to SMB file servers.

type User:

string

param User:

Specifies the user name that can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if AuthenticationType is set to NTLM.

For information about choosing a user with the right level of access for your transfer, see Providing DataSync access to SMB file servers.

type Domain:

string

param Domain:

Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to NTLM.

If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.

type Password:

string

param Password:

Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if AuthenticationType is set to NTLM.

type AgentArns:

list

param AgentArns:

Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).

• (string) --

type MountOptions:

dict

param MountOptions:

Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

• Version (string) --

  By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

  These are the following options for configuring the SMB version:

  • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

  • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

  • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

  • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

  • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

type AuthenticationType:

string

param AuthenticationType:

Specifies the authentication protocol that DataSync uses to connect to your SMB file server. DataSync supports NTLM (default) and KERBEROS authentication.

type DnsIpAddresses:

list

param DnsIpAddresses:

Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS.

If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.

• (string) --

type KerberosPrincipal:

string

param KerberosPrincipal:

Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.

SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM.

Your task execution will fail if the SPN that you provide for this parameter doesn’t match what’s exactly in your keytab or krb5.conf files.

type KerberosKeytab:

bytes

param KerberosKeytab:

Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys.

You can specify the keytab using a file path (for example, file://path/to/file.keytab). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.

To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file.

type KerberosKrb5Conf:

bytes

param KerberosKrb5Conf:

Specifies a Kerberos configuration file ( krb5.conf) that defines your Kerberos realm configuration.

You can specify the krb5.conf using a file path (for example, file://path/to/krb5.conf). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.

To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --