servers
Creates, updates, deletes or gets a server resource or lists servers in a region
Overview
| Name | servers |
| Type | Resource |
| Description | Definition of AWS::Transfer::Server Resource Type |
| Id | aws.transfer.servers |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | |
as2_service_managed_egress_ip_addresses | array | The list of egress IP addresses of this server. These IP addresses are only relevant for servers that use the AS2 protocol. They are used for sending asynchronous MDNs. These IP addresses are assigned automatically when you create an AS2 server. Additionally, if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well. |
certificate | string | |
domain | string | |
endpoint_details | object | |
endpoint_type | string | |
identity_provider_details | object | |
identity_provider_type | string | |
logging_role | string | |
post_authentication_login_banner | string | |
pre_authentication_login_banner | string | |
protocol_details | object | |
protocols | array | |
s3_storage_options | object | |
security_policy_name | string | |
server_id | string | |
state | string | |
structured_log_destinations | array | |
tags | array | |
workflow_details | object | |
region | string | AWS region. |
For more information, see AWS::Transfer::Server.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
delete_resource | DELETE | data__Identifier, region |
create_resource | INSERT | region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all servers in a region.
SELECT
region,
arn,
as2_service_managed_egress_ip_addresses,
certificate,
domain,
endpoint_details,
endpoint_type,
identity_provider_details,
identity_provider_type,
logging_role,
post_authentication_login_banner,
pre_authentication_login_banner,
protocol_details,
protocols,
s3_storage_options,
security_policy_name,
server_id,
state,
structured_log_destinations,
tags,
workflow_details
FROM aws.transfer.servers
WHERE region = 'us-east-1';
Gets all properties from an individual server.
SELECT
region,
arn,
as2_service_managed_egress_ip_addresses,
certificate,
domain,
endpoint_details,
endpoint_type,
identity_provider_details,
identity_provider_type,
logging_role,
post_authentication_login_banner,
pre_authentication_login_banner,
protocol_details,
protocols,
s3_storage_options,
security_policy_name,
server_id,
state,
structured_log_destinations,
tags,
workflow_details
FROM aws.transfer.servers
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';
INSERT example
Use the following StackQL query and manifest file to create a new server resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.transfer.servers (
Certificate,
Domain,
EndpointDetails,
EndpointType,
IdentityProviderDetails,
IdentityProviderType,
LoggingRole,
PostAuthenticationLoginBanner,
PreAuthenticationLoginBanner,
ProtocolDetails,
Protocols,
S3StorageOptions,
SecurityPolicyName,
StructuredLogDestinations,
Tags,
WorkflowDetails,
region
)
SELECT
'{{ Certificate }}',
'{{ Domain }}',
'{{ EndpointDetails }}',
'{{ EndpointType }}',
'{{ IdentityProviderDetails }}',
'{{ IdentityProviderType }}',
'{{ LoggingRole }}',
'{{ PostAuthenticationLoginBanner }}',
'{{ PreAuthenticationLoginBanner }}',
'{{ ProtocolDetails }}',
'{{ Protocols }}',
'{{ S3StorageOptions }}',
'{{ SecurityPolicyName }}',
'{{ StructuredLogDestinations }}',
'{{ Tags }}',
'{{ WorkflowDetails }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.transfer.servers (
Certificate,
Domain,
EndpointDetails,
EndpointType,
IdentityProviderDetails,
IdentityProviderType,
LoggingRole,
PostAuthenticationLoginBanner,
PreAuthenticationLoginBanner,
ProtocolDetails,
Protocols,
S3StorageOptions,
SecurityPolicyName,
StructuredLogDestinations,
Tags,
WorkflowDetails,
region
)
SELECT
'{{ Certificate }}',
'{{ Domain }}',
'{{ EndpointDetails }}',
'{{ EndpointType }}',
'{{ IdentityProviderDetails }}',
'{{ IdentityProviderType }}',
'{{ LoggingRole }}',
'{{ PostAuthenticationLoginBanner }}',
'{{ PreAuthenticationLoginBanner }}',
'{{ ProtocolDetails }}',
'{{ Protocols }}',
'{{ S3StorageOptions }}',
'{{ SecurityPolicyName }}',
'{{ StructuredLogDestinations }}',
'{{ Tags }}',
'{{ WorkflowDetails }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: server
props:
- name: Certificate
value: '{{ Certificate }}'
- name: Domain
value: '{{ Domain }}'
- name: EndpointDetails
value:
AddressAllocationIds:
- '{{ AddressAllocationIds[0] }}'
SubnetIds:
- '{{ SubnetIds[0] }}'
VpcEndpointId: '{{ VpcEndpointId }}'
VpcId: '{{ VpcId }}'
SecurityGroupIds:
- '{{ SecurityGroupIds[0] }}'
- name: EndpointType
value: '{{ EndpointType }}'
- name: IdentityProviderDetails
value:
Url: '{{ Url }}'
InvocationRole: '{{ InvocationRole }}'
DirectoryId: '{{ DirectoryId }}'
Function: '{{ Function }}'
SftpAuthenticationMethods: '{{ SftpAuthenticationMethods }}'
- name: IdentityProviderType
value: '{{ IdentityProviderType }}'
- name: LoggingRole
value: '{{ LoggingRole }}'
- name: PostAuthenticationLoginBanner
value: '{{ PostAuthenticationLoginBanner }}'
- name: PreAuthenticationLoginBanner
value: '{{ PreAuthenticationLoginBanner }}'
- name: ProtocolDetails
value:
PassiveIp: '{{ PassiveIp }}'
TlsSessionResumptionMode: '{{ TlsSessionResumptionMode }}'
SetStatOption: '{{ SetStatOption }}'
As2Transports:
- '{{ As2Transports[0] }}'
- name: Protocols
value:
- '{{ Protocols[0] }}'
- name: S3StorageOptions
value:
DirectoryListingOptimization: '{{ DirectoryListingOptimization }}'
- name: SecurityPolicyName
value: '{{ SecurityPolicyName }}'
- name: StructuredLogDestinations
value:
- '{{ StructuredLogDestinations[0] }}'
- name: Tags
value:
- Key: '{{ Key }}'
Value: '{{ Value }}'
- name: WorkflowDetails
value:
OnUpload:
- WorkflowId: '{{ WorkflowId }}'
ExecutionRole: '{{ ExecutionRole }}'
OnPartialUpload:
- null
DELETE example
/*+ delete */
DELETE FROM aws.transfer.servers
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';
Permissions
To operate on the servers resource, the following permissions are required:
Create
apigateway:GET,
ds:AuthorizeApplication,
ds:DescribeDirectories,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:CreateServer,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UpdateServer
Read
ec2:DescribeVpcEndpoints,
transfer:DescribeServer
Update
apigateway:GET,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
ec2:ModifyVpcEndpoint,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UnTagResource,
transfer:UpdateServer
Delete
ds:DescribeDirectories,
ds:UnauthorizeApplication,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
logs:DeleteLogDelivery,
logs:GetLogDelivery,
logs:ListLogDeliveries,
transfer:DeleteServer
List
transfer:ListServers