From 6e8cb2c6973b5416fafb4a306ec8f1398bbc53eb Mon Sep 17 00:00:00 2001 From: awssdkgo Date: Wed, 22 Jun 2022 18:13:49 +0000 Subject: [PATCH] Release v1.44.40 (2022-06-22) === ### Service Client Updates * `service/apigateway`: Updates service documentation * Documentation updates for Amazon API Gateway * `service/pricing`: Updates service API and documentation * `service/transfer`: Updates service API and documentation * Until today, the service supported only RSA host keys and user keys. Now with this launch, Transfer Family has expanded the support for ECDSA and ED25519 host keys and user keys, enabling customers to support a broader set of clients by choosing RSA, ECDSA, and ED25519 host and user keys. --- CHANGELOG.md | 10 ++ aws/version.go | 2 +- models/apis/apigateway/2015-07-09/docs-2.json | 2 +- models/apis/pricing/2017-10-15/api-2.json | 2 + models/apis/pricing/2017-10-15/docs-2.json | 4 +- models/apis/transfer/2018-11-05/api-2.json | 3 +- models/apis/transfer/2018-11-05/docs-2.json | 20 ++-- service/apigateway/api.go | 4 + service/pricing/api.go | 13 ++- service/pricing/doc.go | 13 +-- service/transfer/api.go | 107 +++++++++++------- service/transfer/errors.go | 2 - 12 files changed, 111 insertions(+), 71 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f14241905c..4ce6d6a009 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +Release v1.44.40 (2022-06-22) +=== + +### Service Client Updates +* `service/apigateway`: Updates service documentation + * Documentation updates for Amazon API Gateway +* `service/pricing`: Updates service API and documentation +* `service/transfer`: Updates service API and documentation + * Until today, the service supported only RSA host keys and user keys. Now with this launch, Transfer Family has expanded the support for ECDSA and ED25519 host keys and user keys, enabling customers to support a broader set of clients by choosing RSA, ECDSA, and ED25519 host and user keys. + Release v1.44.39 (2022-06-21) === diff --git a/aws/version.go b/aws/version.go index 3fdd917eb1..baa7b9bb20 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.39" +const SDKVersion = "1.44.40" diff --git a/models/apis/apigateway/2015-07-09/docs-2.json b/models/apis/apigateway/2015-07-09/docs-2.json index cdbfc6cec6..af652c04bb 100644 --- a/models/apis/apigateway/2015-07-09/docs-2.json +++ b/models/apis/apigateway/2015-07-09/docs-2.json @@ -247,7 +247,7 @@ "SdkConfigurationProperty$required": "

A boolean flag of an SdkType configuration property to indicate if the associated SDK configuration property is required (true) or not (false).

", "Stage$cacheClusterEnabled": "

Specifies whether a cache cluster is enabled for the stage.

", "Stage$tracingEnabled": "

Specifies whether active tracing with X-ray is enabled for the Stage.

", - "TlsConfig$insecureSkipVerification": "

Specifies whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a supported certificate authority. This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate's expiration date, hostname, and presence of a root certificate authority. Supported only for HTTP and HTTP_PROXY integrations.

" + "TlsConfig$insecureSkipVerification": "

Specifies whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a supported certificate authority. This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate's expiration date, hostname, and presence of a root certificate authority. Supported only for HTTP and HTTP_PROXY integrations.

Enabling insecureSkipVerification isn't recommended, especially for integrations with public HTTPS endpoints. If you enable insecureSkipVerification, you increase the risk of man-in-the-middle attacks.

" } }, "CacheClusterSize": { diff --git a/models/apis/pricing/2017-10-15/api-2.json b/models/apis/pricing/2017-10-15/api-2.json index eb3753816b..254f3a5129 100644 --- a/models/apis/pricing/2017-10-15/api-2.json +++ b/models/apis/pricing/2017-10-15/api-2.json @@ -156,6 +156,7 @@ }, "GetProductsRequest":{ "type":"structure", + "required":["ServiceCode"], "members":{ "ServiceCode":{"shape":"String"}, "Filters":{"shape":"Filters"}, @@ -213,6 +214,7 @@ "PriceListItemJSON":{"type":"string"}, "Service":{ "type":"structure", + "required":["ServiceCode"], "members":{ "ServiceCode":{"shape":"String"}, "AttributeNames":{"shape":"AttributeNameList"} diff --git a/models/apis/pricing/2017-10-15/docs-2.json b/models/apis/pricing/2017-10-15/docs-2.json index 6816627550..660b07371a 100644 --- a/models/apis/pricing/2017-10-15/docs-2.json +++ b/models/apis/pricing/2017-10-15/docs-2.json @@ -1,9 +1,9 @@ { "version": "2.0", - "service": "

Amazon Web Services Price List Service API (Amazon Web Services Price List Service) is a centralized and convenient way to programmatically query Amazon Web Services for services, products, and pricing information. The Amazon Web Services Price List Service uses standardized product attributes such as Location, Storage Class, and Operating System, and provides prices at the SKU level. You can use the Amazon Web Services Price List Service to build cost control and scenario planning tools, reconcile billing data, forecast future spend for budgeting purposes, and provide cost benefit analysis that compare your internal workloads with Amazon Web Services.

Use GetServices without a service code to retrieve the service codes for all AWS services, then GetServices with a service code to retrieve the attribute names for that service. After you have the service code and attribute names, you can use GetAttributeValues to see what values are available for an attribute. With the service code and an attribute name and value, you can use GetProducts to find specific products that you're interested in, such as an AmazonEC2 instance, with a Provisioned IOPS volumeType.

Service Endpoint

Amazon Web Services Price List Service API provides the following two endpoints:

", + "service": "

Amazon Web Services Price List API is a centralized and convenient way to programmatically query Amazon Web Services for services, products, and pricing information. The Amazon Web Services Price List uses standardized product attributes such as Location, Storage Class, and Operating System, and provides prices at the SKU level. You can use the Amazon Web Services Price List to build cost control and scenario planning tools, reconcile billing data, forecast future spend for budgeting purposes, and provide cost benefit analysis that compare your internal workloads with Amazon Web Services.

Use GetServices without a service code to retrieve the service codes for all AWS services, then GetServices with a service code to retrieve the attribute names for that service. After you have the service code and attribute names, you can use GetAttributeValues to see what values are available for an attribute. With the service code and an attribute name and value, you can use GetProducts to find specific products that you're interested in, such as an AmazonEC2 instance, with a Provisioned IOPS volumeType.

Service Endpoint

Amazon Web Services Price List service API provides the following two endpoints:

", "operations": { "DescribeServices": "

Returns the metadata for one service or a list of the metadata for all services. Use this without a service code to get the service codes for all services. Use it with a service code, such as AmazonEC2, to get information specific to that service, such as the attribute names available for that service. For example, some of the attribute names available for EC2 are volumeType, maxIopsVolume, operation, locationType, and instanceCapacity10xlarge.

", - "GetAttributeValues": "

Returns a list of attribute values. Attributes are similar to the details in a Price List API offer file. For a list of available attributes, see Offer File Definitions in the Amazon Web Services Billing and Cost Management User Guide.

", + "GetAttributeValues": "

Returns a list of attribute values. Attributes are similar to the details in a Price List API offer file. For a list of available attributes, see Offer File Definitions in the Billing and Cost Management User Guide.

", "GetProducts": "

Returns a list of all products that match the filter criteria.

" }, "shapes": { diff --git a/models/apis/transfer/2018-11-05/api-2.json b/models/apis/transfer/2018-11-05/api-2.json index eec219ead9..6631bde12d 100644 --- a/models/apis/transfer/2018-11-05/api-2.json +++ b/models/apis/transfer/2018-11-05/api-2.json @@ -1708,8 +1708,7 @@ }, "SshPublicKeyBody":{ "type":"string", - "max":2048, - "pattern":"^ssh-rsa\\s+[A-Za-z0-9+/]+[=]{0,3}(\\s+.+)?\\s*$" + "max":2048 }, "SshPublicKeyCount":{"type":"integer"}, "SshPublicKeyId":{ diff --git a/models/apis/transfer/2018-11-05/docs-2.json b/models/apis/transfer/2018-11-05/docs-2.json index 20fe13f97e..f63b5f35f9 100644 --- a/models/apis/transfer/2018-11-05/docs-2.json +++ b/models/apis/transfer/2018-11-05/docs-2.json @@ -471,8 +471,8 @@ "HostKey": { "base": null, "refs": { - "CreateServerRequest$HostKey": "

The RSA private key as generated by the ssh-keygen -N \"\" -m PEM -f my-new-server-key command.

If you aren't planning to migrate existing users from an existing SFTP-enabled server to a new server, don't update the host key. Accidentally changing a server's host key can be disruptive.

For more information, see Change the host key for your SFTP-enabled server in the Amazon Web Services Transfer Family User Guide.

", - "UpdateServerRequest$HostKey": "

The RSA private key as generated by ssh-keygen -N \"\" -m PEM -f my-new-server-key.

If you aren't planning to migrate existing users from an existing server to a new server, don't update the host key. Accidentally changing a server's host key can be disruptive.

For more information, see Change the host key for your SFTP-enabled server in the Amazon Web ServicesTransfer Family User Guide.

" + "CreateServerRequest$HostKey": "

The RSA, ECDSA, or ED25519 private key to use for your server.

Use the following command to generate an RSA 2048 bit key with no passphrase:

ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key.

Use a minimum value of 2048 for the -b option: you can create a stronger key using 3072 or 4096.

Use the following command to generate an ECDSA 256 bit key with no passphrase:

ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key.

Valid values for the -b option for ECDSA are 256, 384, and 521.

Use the following command to generate an ED25519 key with no passphrase:

ssh-keygen -t ed25519 -N \"\" -f my-new-server-key.

For all of these commands, you can replace my-new-server-key with a string of your choice.

If you aren't planning to migrate existing users from an existing SFTP-enabled server to a new server, don't update the host key. Accidentally changing a server's host key can be disruptive.

For more information, see Change the host key for your SFTP-enabled server in the Amazon Web Services Transfer Family User Guide.

", + "UpdateServerRequest$HostKey": "

The RSA, ECDSA, or ED25519 private key to use for your server.

Use the following command to generate an RSA 2048 bit key with no passphrase:

ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key.

Use a minimum value of 2048 for the -b option: you can create a stronger key using 3072 or 4096.

Use the following command to generate an ECDSA 256 bit key with no passphrase:

ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key.

Valid values for the -b option for ECDSA are 256, 384, and 521.

Use the following command to generate an ED25519 key with no passphrase:

ssh-keygen -t ed25519 -N \"\" -f my-new-server-key.

For all of these commands, you can replace my-new-server-key with a string of your choice.

If you aren't planning to migrate existing users from an existing SFTP-enabled server to a new server, don't update the host key. Accidentally changing a server's host key can be disruptive.

For more information, see Change the host key for your SFTP-enabled server in the Amazon Web Services Transfer Family User Guide.

" } }, "HostKeyFingerprint": { @@ -746,7 +746,7 @@ "PassiveIp": { "base": null, "refs": { - "ProtocolDetails$PassiveIp": "

Indicates passive mode, for FTP and FTPS protocols. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer. For example:

aws transfer update-server --protocol-details PassiveIp=0.0.0.0

Replace 0.0.0.0 in the example above with the actual IP address you want to use.

If you change the PassiveIp value, you must stop and then restart your Transfer server for the change to take effect. For details on using Passive IP (PASV) in a NAT environment, see Configuring your FTPS server behind a firewall or NAT with Amazon Web Services Transfer Family.

" + "ProtocolDetails$PassiveIp": "

Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:

aws transfer update-server --protocol-details PassiveIp=0.0.0.0

Replace 0.0.0.0 in the example above with the actual IP address you want to use.

If you change the PassiveIp value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see Configuring your FTPS server behind a firewall or NAT with Transfer Family.

" } }, "Policy": { @@ -807,7 +807,7 @@ "base": "

The protocol settings that are configured for your server.

", "refs": { "CreateServerRequest$ProtocolDetails": "

The protocol settings that are configured for your server.

", - "DescribedServer$ProtocolDetails": "

The protocol settings that are configured for your server.

Use the PassiveIp parameter to indicate passive mode. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.

", + "DescribedServer$ProtocolDetails": "

The protocol settings that are configured for your server.

Use the PassiveIp parameter to indicate passive mode. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer.

", "UpdateServerRequest$ProtocolDetails": "

The protocol settings that are configured for your server.

" } }, @@ -1062,7 +1062,7 @@ "SetStatOption": { "base": null, "refs": { - "ProtocolDetails$SetStatOption": "

Use the SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.

Some SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as SETSTAT when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.

Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client. While the SetStatOption ENABLE_NO_OP setting ignores the error, it does generate a log entry in CloudWatch Logs, so you can determine when the client is making a SETSTAT call.

If you want to preserve the original timestamp for your file, and modify other file attributes using SETSTAT, you can use Amazon EFS as backend storage with Transfer Family.

" + "ProtocolDetails$SetStatOption": "

Use the SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.

Some SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as SETSTAT when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.

Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client. While the SetStatOption ENABLE_NO_OP setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a SETSTAT call.

If you want to preserve the original timestamp for your file, and modify other file attributes using SETSTAT, you can use Amazon EFS as backend storage with Transfer Family.

" } }, "SourceFileLocation": { @@ -1089,9 +1089,9 @@ "SshPublicKeyBody": { "base": null, "refs": { - "CreateUserRequest$SshPublicKeyBody": "

The public portion of the Secure Shell (SSH) key used to authenticate the user to the server.

Currently, Transfer Family does not accept elliptical curve keys (keys beginning with ecdsa).

", - "ImportSshPublicKeyRequest$SshPublicKeyBody": "

The public key portion of an SSH key pair.

", - "SshPublicKey$SshPublicKeyBody": "

Specifies the content of the SSH public key as specified by the PublicKeyId.

" + "CreateUserRequest$SshPublicKeyBody": "

The public portion of the Secure Shell (SSH) key used to authenticate the user to the server.

Transfer Family accepts RSA, ECDSA, and ED25519 keys.

", + "ImportSshPublicKeyRequest$SshPublicKeyBody": "

The public key portion of an SSH key pair.

Transfer Family accepts RSA, ECDSA, and ED25519 keys.

", + "SshPublicKey$SshPublicKeyBody": "

Specifies the content of the SSH public key as specified by the PublicKeyId.

Transfer Family accepts RSA, ECDSA, and ED25519 keys.

" } }, "SshPublicKeyCount": { @@ -1215,14 +1215,14 @@ } }, "ThrottlingException": { - "base": "

The request was denied due to request throttling.

HTTP Status Code: 400

", + "base": "

The request was denied due to request throttling.

", "refs": { } }, "TlsSessionResumptionMode": { "base": null, "refs": { - "ProtocolDetails$TlsSessionResumptionMode": "

A property used with Transfer servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. TlsSessionResumptionMode determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during CreateServer and UpdateServer calls. If a TlsSessionResumptionMode value is not specified during CreateServer, it is set to ENFORCED by default.

" + "ProtocolDetails$TlsSessionResumptionMode": "

A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. TlsSessionResumptionMode determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during CreateServer and UpdateServer calls. If a TlsSessionResumptionMode value is not specified during CreateServer, it is set to ENFORCED by default.

" } }, "UntagResourceRequest": { diff --git a/service/apigateway/api.go b/service/apigateway/api.go index 7ca006348e..f9a8240446 100644 --- a/service/apigateway/api.go +++ b/service/apigateway/api.go @@ -24413,6 +24413,10 @@ type TlsConfig struct { // If enabled, API Gateway still performs basic certificate validation, which // includes checking the certificate's expiration date, hostname, and presence // of a root certificate authority. Supported only for HTTP and HTTP_PROXY integrations. + // + // Enabling insecureSkipVerification isn't recommended, especially for integrations + // with public HTTPS endpoints. If you enable insecureSkipVerification, you + // increase the risk of man-in-the-middle attacks. InsecureSkipVerification *bool `locationName:"insecureSkipVerification" type:"boolean"` } diff --git a/service/pricing/api.go b/service/pricing/api.go index fb10fd4f69..8993261768 100644 --- a/service/pricing/api.go +++ b/service/pricing/api.go @@ -219,7 +219,7 @@ func (c *Pricing) GetAttributeValuesRequest(input *GetAttributeValuesInput) (req // Returns a list of attribute values. Attributes are similar to the details // in a Price List API offer file. For a list of available attributes, see Offer // File Definitions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/reading-an-offer.html#pps-defs) -// in the Amazon Web Services Billing and Cost Management User Guide (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-what-is.html). +// in the Billing and Cost Management User Guide (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-what-is.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -926,7 +926,9 @@ type GetProductsInput struct { NextToken *string `type:"string"` // The code for the service whose products you want to retrieve. - ServiceCode *string `type:"string"` + // + // ServiceCode is a required field + ServiceCode *string `type:"string" required:"true"` } // String returns the string representation. @@ -953,6 +955,9 @@ func (s *GetProductsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } + if s.ServiceCode == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceCode")) + } if s.Filters != nil { for i, v := range s.Filters { if v == nil { @@ -1316,7 +1321,9 @@ type Service struct { AttributeNames []*string `type:"list"` // The code for the Amazon Web Services service. - ServiceCode *string `type:"string"` + // + // ServiceCode is a required field + ServiceCode *string `type:"string" required:"true"` } // String returns the string representation. diff --git a/service/pricing/doc.go b/service/pricing/doc.go index 35e2d47d5e..e6d7d927ed 100644 --- a/service/pricing/doc.go +++ b/service/pricing/doc.go @@ -3,12 +3,11 @@ // Package pricing provides the client and types for making API // requests to AWS Price List Service. // -// Amazon Web Services Price List Service API (Amazon Web Services Price List -// Service) is a centralized and convenient way to programmatically query Amazon -// Web Services for services, products, and pricing information. The Amazon -// Web Services Price List Service uses standardized product attributes such -// as Location, Storage Class, and Operating System, and provides prices at -// the SKU level. You can use the Amazon Web Services Price List Service to +// Amazon Web Services Price List API is a centralized and convenient way to +// programmatically query Amazon Web Services for services, products, and pricing +// information. The Amazon Web Services Price List uses standardized product +// attributes such as Location, Storage Class, and Operating System, and provides +// prices at the SKU level. You can use the Amazon Web Services Price List to // build cost control and scenario planning tools, reconcile billing data, forecast // future spend for budgeting purposes, and provide cost benefit analysis that // compare your internal workloads with Amazon Web Services. @@ -23,7 +22,7 @@ // // Service Endpoint // -// Amazon Web Services Price List Service API provides the following two endpoints: +// Amazon Web Services Price List service API provides the following two endpoints: // // * https://api.pricing.us-east-1.amazonaws.com // diff --git a/service/transfer/api.go b/service/transfer/api.go index 0ac8d6e35a..c330bbdc30 100644 --- a/service/transfer/api.go +++ b/service/transfer/api.go @@ -193,8 +193,6 @@ func (c *Transfer) CreateServerRequest(input *CreateServerInput) (req *request.R // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateServer func (c *Transfer) CreateServer(input *CreateServerInput) (*CreateServerOutput, error) { req, out := c.CreateServerRequest(input) @@ -394,8 +392,6 @@ func (c *Transfer) CreateWorkflowRequest(input *CreateWorkflowInput) (req *reque // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/CreateWorkflow func (c *Transfer) CreateWorkflow(input *CreateWorkflowInput) (*CreateWorkflowOutput, error) { req, out := c.CreateWorkflowRequest(input) @@ -681,8 +677,6 @@ func (c *Transfer) DeleteSshPublicKeyRequest(input *DeleteSshPublicKeyInput) (re // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DeleteSshPublicKey func (c *Transfer) DeleteSshPublicKey(input *DeleteSshPublicKeyInput) (*DeleteSshPublicKeyOutput, error) { req, out := c.DeleteSshPublicKeyRequest(input) @@ -1539,8 +1533,6 @@ func (c *Transfer) ImportSshPublicKeyRequest(input *ImportSshPublicKeyInput) (re // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/ImportSshPublicKey func (c *Transfer) ImportSshPublicKey(input *ImportSshPublicKeyInput) (*ImportSshPublicKeyOutput, error) { req, out := c.ImportSshPublicKeyRequest(input) @@ -2695,8 +2687,6 @@ func (c *Transfer) SendWorkflowStepStateRequest(input *SendWorkflowStepStateInpu // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/SendWorkflowStepState func (c *Transfer) SendWorkflowStepState(input *SendWorkflowStepStateInput) (*SendWorkflowStepStateOutput, error) { req, out := c.SendWorkflowStepStateRequest(input) @@ -2800,8 +2790,6 @@ func (c *Transfer) StartServerRequest(input *StartServerInput) (req *request.Req // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StartServer func (c *Transfer) StartServer(input *StartServerInput) (*StartServerOutput, error) { req, out := c.StartServerRequest(input) @@ -2909,8 +2897,6 @@ func (c *Transfer) StopServerRequest(input *StopServerInput) (req *request.Reque // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/StopServer func (c *Transfer) StopServer(input *StopServerInput) (*StopServerOutput, error) { req, out := c.StopServerRequest(input) @@ -3419,8 +3405,6 @@ func (c *Transfer) UpdateServerRequest(input *UpdateServerInput) (req *request.R // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateServer func (c *Transfer) UpdateServer(input *UpdateServerInput) (*UpdateServerOutput, error) { req, out := c.UpdateServerRequest(input) @@ -3519,8 +3503,6 @@ func (c *Transfer) UpdateUserRequest(input *UpdateUserInput) (req *request.Reque // * ThrottlingException // The request was denied due to request throttling. // -// HTTP Status Code: 400 -// // See also, https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/UpdateUser func (c *Transfer) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error) { req, out := c.UpdateUserRequest(input) @@ -4085,8 +4067,27 @@ type CreateServerInput struct { // possible with EndpointType set to VPC_ENDPOINT. EndpointType *string `type:"string" enum:"EndpointType"` - // The RSA private key as generated by the ssh-keygen -N "" -m PEM -f my-new-server-key - // command. + // The RSA, ECDSA, or ED25519 private key to use for your server. + // + // Use the following command to generate an RSA 2048 bit key with no passphrase: + // + // ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key. + // + // Use a minimum value of 2048 for the -b option: you can create a stronger + // key using 3072 or 4096. + // + // Use the following command to generate an ECDSA 256 bit key with no passphrase: + // + // ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key. + // + // Valid values for the -b option for ECDSA are 256, 384, and 521. + // + // Use the following command to generate an ED25519 key with no passphrase: + // + // ssh-keygen -t ed25519 -N "" -f my-new-server-key. + // + // For all of these commands, you can replace my-new-server-key with a string + // of your choice. // // If you aren't planning to migrate existing users from an existing SFTP-enabled // server to a new server, don't update the host key. Accidentally changing @@ -4472,8 +4473,7 @@ type CreateUserInput struct { // The public portion of the Secure Shell (SSH) key used to authenticate the // user to the server. // - // Currently, Transfer Family does not accept elliptical curve keys (keys beginning - // with ecdsa). + // Transfer Family accepts RSA, ECDSA, and ED25519 keys. SshPublicKeyBody *string `type:"string"` // Key-value pairs that can be used to group and search for users. Tags are @@ -6394,9 +6394,8 @@ type DescribedServer struct { // The protocol settings that are configured for your server. // - // Use the PassiveIp parameter to indicate passive mode. Enter a single dotted-quad - // IPv4 address, such as the external IP address of a firewall, router, or load - // balancer. + // Use the PassiveIp parameter to indicate passive mode. Enter a single IPv4 + // address, such as the public IP address of a firewall, router, or load balancer. ProtocolDetails *ProtocolDetails `type:"structure"` // Specifies the file transfer protocol or protocols over which your file transfer @@ -7346,6 +7345,8 @@ type ImportSshPublicKeyInput struct { // The public key portion of an SSH key pair. // + // Transfer Family accepts RSA, ECDSA, and ED25519 keys. + // // SshPublicKeyBody is a required field SshPublicKeyBody *string `type:"string" required:"true"` @@ -9142,9 +9143,9 @@ func (s *PosixProfile) SetUid(v int64) *PosixProfile { type ProtocolDetails struct { _ struct{} `type:"structure"` - // Indicates passive mode, for FTP and FTPS protocols. Enter a single dotted-quad - // IPv4 address, such as the external IP address of a firewall, router, or load - // balancer. For example: + // Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, + // such as the public IP address of a firewall, router, or load balancer. For + // example: // // aws transfer update-server --protocol-details PassiveIp=0.0.0.0 // @@ -9152,9 +9153,9 @@ type ProtocolDetails struct { // to use. // // If you change the PassiveIp value, you must stop and then restart your Transfer - // server for the change to take effect. For details on using Passive IP (PASV) - // in a NAT environment, see Configuring your FTPS server behind a firewall - // or NAT with Amazon Web Services Transfer Family (http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/). + // Family server for the change to take effect. For details on using passive + // mode (PASV) in a NAT environment, see Configuring your FTPS server behind + // a firewall or NAT with Transfer Family (http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/). PassiveIp *string `type:"string"` // Use the SetStatOption to ignore the error that is generated when the client @@ -9170,17 +9171,17 @@ type ProtocolDetails struct { // Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the // SETSTAT command, and upload files without needing to make any changes to // your SFTP client. While the SetStatOption ENABLE_NO_OP setting ignores the - // error, it does generate a log entry in CloudWatch Logs, so you can determine - // when the client is making a SETSTAT call. + // error, it does generate a log entry in Amazon CloudWatch Logs, so you can + // determine when the client is making a SETSTAT call. // // If you want to preserve the original timestamp for your file, and modify // other file attributes using SETSTAT, you can use Amazon EFS as backend storage // with Transfer Family. SetStatOption *string `type:"string" enum:"SetStatOption"` - // A property used with Transfer servers that use the FTPS protocol. TLS Session - // Resumption provides a mechanism to resume or share a negotiated secret key - // between the control and data connection for an FTPS session. TlsSessionResumptionMode + // A property used with Transfer Family servers that use the FTPS protocol. + // TLS Session Resumption provides a mechanism to resume or share a negotiated + // secret key between the control and data connection for an FTPS session. TlsSessionResumptionMode // determines whether or not the server resumes recent, negotiated sessions // through a unique session ID. This property is available during CreateServer // and UpdateServer calls. If a TlsSessionResumptionMode value is not specified @@ -9812,6 +9813,8 @@ type SshPublicKey struct { // Specifies the content of the SSH public key as specified by the PublicKeyId. // + // Transfer Family accepts RSA, ECDSA, and ED25519 keys. + // // SshPublicKeyBody is a required field SshPublicKeyBody *string `type:"string" required:"true"` @@ -10423,8 +10426,6 @@ func (s *TestIdentityProviderOutput) SetUrl(v string) *TestIdentityProviderOutpu } // The request was denied due to request throttling. -// -// HTTP Status Code: 400 type ThrottlingException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -10897,15 +10898,35 @@ type UpdateServerInput struct { // possible with EndpointType set to VPC_ENDPOINT. EndpointType *string `type:"string" enum:"EndpointType"` - // The RSA private key as generated by ssh-keygen -N "" -m PEM -f my-new-server-key. + // The RSA, ECDSA, or ED25519 private key to use for your server. + // + // Use the following command to generate an RSA 2048 bit key with no passphrase: + // + // ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key. + // + // Use a minimum value of 2048 for the -b option: you can create a stronger + // key using 3072 or 4096. + // + // Use the following command to generate an ECDSA 256 bit key with no passphrase: + // + // ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key. // - // If you aren't planning to migrate existing users from an existing server - // to a new server, don't update the host key. Accidentally changing a server's - // host key can be disruptive. + // Valid values for the -b option for ECDSA are 256, 384, and 521. + // + // Use the following command to generate an ED25519 key with no passphrase: + // + // ssh-keygen -t ed25519 -N "" -f my-new-server-key. + // + // For all of these commands, you can replace my-new-server-key with a string + // of your choice. + // + // If you aren't planning to migrate existing users from an existing SFTP-enabled + // server to a new server, don't update the host key. Accidentally changing + // a server's host key can be disruptive. // // For more information, see Change the host key for your SFTP-enabled server // (https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key) - // in the Amazon Web ServicesTransfer Family User Guide. + // in the Amazon Web Services Transfer Family User Guide. // // HostKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UpdateServerInput's diff --git a/service/transfer/errors.go b/service/transfer/errors.go index 44b4f95fb8..524b2d66cd 100644 --- a/service/transfer/errors.go +++ b/service/transfer/errors.go @@ -65,8 +65,6 @@ const ( // "ThrottlingException". // // The request was denied due to request throttling. - // - // HTTP Status Code: 400 ErrCodeThrottlingException = "ThrottlingException" )