AWS Transfer for SFTP Update: This release adds support for per-server host-key management. You can now specify the SSH RSA private key used by your SFTP server.

AWS · AWS · commit 8e3234c2a634 · 2019-04-29T18:03:50.000Z
diff --git a/.changes/next-release/feature-AWSTransferforSFTP-3e88c34.json b/.changes/next-release/feature-AWSTransferforSFTP-3e88c34.json
@@ -0,0 +1,5 @@
+{
+    "category": "AWS Transfer for SFTP", 
+    "type": "feature", 
+    "description": "This release adds support for per-server host-key management. You can now specify the SSH RSA private key used by your SFTP server."
+}
diff --git a/services/transfer/src/main/resources/codegen-resources/paginators-1.json b/services/transfer/src/main/resources/codegen-resources/paginators-1.json
@@ -1,4 +1,19 @@
 {
   "pagination": {
+    "ListServers": {
+      "input_token": "NextToken",
+      "output_token": "NextToken",
+      "limit_key": "MaxResults"
+    },
+    "ListTagsForResource": {
+      "input_token": "NextToken",
+      "output_token": "NextToken",
+      "limit_key": "MaxResults"
+    },
+    "ListUsers": {
+      "input_token": "NextToken",
+      "output_token": "NextToken",
+      "limit_key": "MaxResults"
+    }
   }
 }
diff --git a/services/transfer/src/main/resources/codegen-resources/service-2.json b/services/transfer/src/main/resources/codegen-resources/service-2.json
@@ -25,7 +25,8 @@
       "errors":[
         {"shape":"ServiceUnavailableException"},
         {"shape":"InternalServiceError"},
-        {"shape":"InvalidRequestException"}
+        {"shape":"InvalidRequestException"},
+        {"shape":"ResourceExistsException"}
       ],
       "documentation":"<p>Instantiates an autoscaling virtual server based on Secure File Transfer Protocol (SFTP) in AWS. The call returns the <code>ServerId</code> property assigned by the service to the newly created server. Reference this <code>ServerId</code> property when you make updates to your server, or work with users.</p> <p>The response returns the <code>ServerId</code> value for the newly created server.</p>"
     },
@@ -305,8 +306,18 @@
     "CreateServerRequest":{
       "type":"structure",
       "members":{
-        "EndpointDetails":{"shape":"EndpointDetails"},
-        "EndpointType":{"shape":"EndpointType"},
+        "EndpointDetails":{
+          "shape":"EndpointDetails",
+          "documentation":"<p>The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server.</p>"
+        },
+        "EndpointType":{
+          "shape":"EndpointType",
+          "documentation":"<p>The type of VPC endpoint that you want your SFTP server connect to. If you connect to a VPC endpoint, your SFTP server isn't accessible over the public internet.</p>"
+        },
+        "HostKey":{
+          "shape":"HostKey",
+          "documentation":"<p>The RSA private key as generated by <code>ssh-keygen -N \"\" -f my-new-server-key</code> command.</p> <important> <p>If you aren't planning to migrate existing users from an existing SFTP server to a new AWS SFTP server, don't update the host key. Accidentally changing a server's host key can be disruptive. For more information, see <a>change-host-key</a> in the <i>AWS SFTP User Guide.</i> </p> </important>"
+        },
         "IdentityProviderDetails":{
           "shape":"IdentityProviderDetails",
           "documentation":"<p>An array containing all of the information required to call a customer-supplied authentication API. This parameter is not required when the <code>IdentityProviderType</code> value of server that is created uses the <code>SERVICE_MANAGED</code> authentication method.</p>"
@@ -369,7 +380,7 @@
         },
         "UserName":{
           "shape":"UserName",
-          "documentation":"<p>A unique string that identifies a user and is associated with a server as specified by the <code>ServerId</code>.</p>"
+          "documentation":"<p>A unique string that identifies a user and is associated with a server as specified by the <code>ServerId</code>. This user name must be a minimum of 3 and a maximum of 32 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore, and hyphen. The user name can't start with a hyphen.</p>"
         }
       }
     },
@@ -502,8 +513,18 @@
           "shape":"Arn",
           "documentation":"<p>Specifies the unique Amazon Resource Name (ARN) for the server to be described.</p>"
         },
-        "EndpointDetails":{"shape":"EndpointDetails"},
-        "EndpointType":{"shape":"EndpointType"},
+        "EndpointDetails":{
+          "shape":"EndpointDetails",
+          "documentation":"<p>The virtual private cloud (VPC) endpoint settings that you configured for your SFTP server.</p>"
+        },
+        "EndpointType":{
+          "shape":"EndpointType",
+          "documentation":"<p>The type of endpoint that your SFTP server is connected to. If your SFTP server is connected to a VPC endpoint, your server isn't accessible over the public internet.</p>"
+        },
+        "HostKeyFingerprint":{
+          "shape":"HostKeyFingerprint",
+          "documentation":"<p>This value contains the Message-Digest Algorithm (MD5) hash of the server's host key. This value is equivalent to the output of <code>ssh-keygen -l -E md5 -f my-new-server-key</code> command.</p>"
+        },
         "IdentityProviderDetails":{
           "shape":"IdentityProviderDetails",
           "documentation":"<p>Specifies information to call a customer-supplied authentication API. This field is not populated when the <code>IdentityProviderType</code> of the server is <code>SERVICE_MANAGED</code>&gt;.</p>"
@@ -573,8 +594,12 @@
     "EndpointDetails":{
       "type":"structure",
       "members":{
-        "VpcEndpointId":{"shape":"VpcEndpointId"}
-      }
+        "VpcEndpointId":{
+          "shape":"VpcEndpointId",
+          "documentation":"<p>The ID of the VPC endpoint.</p>"
+        }
+      },
+      "documentation":"<p>The configuration settings for the virtual private cloud (VPC) endpoint for your SFTP server.</p>"
     },
     "EndpointType":{
       "type":"string",
@@ -588,6 +613,11 @@
       "max":1024,
       "pattern":"^$|/.*"
     },
+    "HostKey":{
+      "type":"string",
+      "max":4096
+    },
+    "HostKeyFingerprint":{"type":"string"},
     "IdentityProviderDetails":{
       "type":"structure",
       "members":{
@@ -796,7 +826,10 @@
           "shape":"IdentityProviderType",
           "documentation":"<p>The authentication method used to validate a user for the server that was specified. listed. This can include Secure Shell (SSH), user name and password combinations, or your own custom authentication method. Valid values include <code>SERVICE_MANAGED</code> or <code>API_GATEWAY</code>.</p>"
         },
-        "EndpointType":{"shape":"EndpointType"},
+        "EndpointType":{
+          "shape":"EndpointType",
+          "documentation":"<p>The type of VPC endpoint that your SFTP server is connected to. If your SFTP server is connected to a VPC endpoint, your server isn't accessible over the public internet.</p>"
+        },
         "LoggingRole":{
           "shape":"Role",
           "documentation":"<p>The AWS Identity and Access Management entity that allows the server to turn on Amazon CloudWatch logging.</p>"
@@ -1101,15 +1134,25 @@
       "type":"structure",
       "required":["ServerId"],
       "members":{
-        "EndpointDetails":{"shape":"EndpointDetails"},
-        "EndpointType":{"shape":"EndpointType"},
+        "EndpointDetails":{
+          "shape":"EndpointDetails",
+          "documentation":"<p>The virtual private cloud (VPC) endpoint settings that are configured for your SFTP server. With a VPC endpoint, your SFTP server isn't accessible over the public internet.</p>"
+        },
+        "EndpointType":{
+          "shape":"EndpointType",
+          "documentation":"<p>The type of endpoint that you want your SFTP server to connect to. You can choose to connect to the public internet or a virtual private cloud (VPC) endpoint. With a VPC endpoint, your SFTP server isn't accessible over the public internet. </p>"
+        },
+        "HostKey":{
+          "shape":"HostKey",
+          "documentation":"<p>The RSA private key as generated by <code>ssh-keygen -N \"\" -f my-new-server-key</code>.</p> <important> <p>If you aren't planning to migrate existing users from an existing SFTP server to a new AWS SFTP server, don't update the host key. Accidentally changing a server's host key can be disruptive. For more information, see <a>change-host-key</a> in the <i>AWS SFTP User Guide.</i> </p> </important>"
+        },
         "IdentityProviderDetails":{
           "shape":"IdentityProviderDetails",
           "documentation":"<p>This response parameter is an array containing all of the information required to call a customer's authentication API method.</p>"
         },
         "LoggingRole":{
           "shape":"NullableRole",
-          "documentation":"<p>Changes the AWS Identity and Access Management (IAM) role that allows Amazon S3 events to be logged in Amazon CloudWatch, turning logging on or off.</p>"
+          "documentation":"<p>A value that changes the AWS Identity and Access Management (IAM) role that allows Amazon S3 events to be logged in Amazon CloudWatch, turning logging on or off.</p>"
         },
         "ServerId":{
           "shape":"ServerId",
@@ -1152,7 +1195,7 @@
         },
         "UserName":{
           "shape":"UserName",
-          "documentation":"<p>A unique string that identifies a user and is associated with a server as specified by the ServerId. This is the string that will be used by your user when they log in to your SFTP server.</p>"
+          "documentation":"<p>A unique string that identifies a user and is associated with a server as specified by the ServerId. This is the string that will be used by your user when they log in to your SFTP server. This user name is a minimum of 3 and a maximum of 32 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore, and hyphen. The user name can't start with a hyphen.</p>"
         }
       }
     },
