servers
Creates, updates, deletes, or gets a server resource, or lists servers in a region.
Overview
Name | servers |
Type | Resource |
Description | Definition of AWS::Transfer::Server Resource Type |
Id | aws.transfer.servers |
Fields
Name | Datatype | Description |
---|---|---|
arn | string | |
as2_service_managed_egress_ip_addresses | array | The list of egress IP addresses of this server. These IP addresses are only relevant for servers that use the AS2 protocol. They are used for sending asynchronous MDNs. These IP addresses are assigned automatically when you create an AS2 server. Additionally, if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well. |
certificate | string | |
domain | string | |
endpoint_details | object | |
endpoint_type | string | |
identity_provider_details | object | |
identity_provider_type | string | |
logging_role | string | |
post_authentication_login_banner | string | |
pre_authentication_login_banner | string | |
protocol_details | object | |
protocols | array | |
s3_storage_options | object | |
security_policy_name | string | |
server_id | string | |
state | string | |
structured_log_destinations | array | |
tags | array | |
workflow_details | object | |
region | string | AWS region. |
For more information, see AWS::Transfer::Server.
Methods
Name | Accessible by | Required Params |
---|---|---|
delete_resource | DELETE | data__Identifier, region |
create_resource | INSERT | region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT
examples
Gets all servers in a region.
-- list_resources: returns the servers in the region named in the WHERE clause.
-- For an exposure review, the columns to read first are endpoint_type, protocols,
-- security_policy_name, identity_provider_type, logging_role and
-- structured_log_destinations.
SELECT
    region,
    arn,
    as2_service_managed_egress_ip_addresses,
    certificate,
    domain,
    endpoint_details,
    endpoint_type,
    identity_provider_details,
    identity_provider_type,
    logging_role,
    post_authentication_login_banner,
    pre_authentication_login_banner,
    protocol_details,
    protocols,
    s3_storage_options,
    security_policy_name,
    server_id,
    state,
    structured_log_destinations,
    tags,
    workflow_details
FROM aws.transfer.servers
WHERE region = 'us-east-1';
Gets all properties from an individual server.
-- get_resource: same column list as the region-wide listing, narrowed to one server.
-- '<Arn>' is a placeholder for the server identifier; both region and
-- data__Identifier are required parameters for this method.
SELECT
    region,
    arn,
    as2_service_managed_egress_ip_addresses,
    certificate,
    domain,
    endpoint_details,
    endpoint_type,
    identity_provider_details,
    identity_provider_type,
    logging_role,
    post_authentication_login_banner,
    pre_authentication_login_banner,
    protocol_details,
    protocols,
    s3_storage_options,
    security_policy_name,
    server_id,
    state,
    structured_log_destinations,
    tags,
    workflow_details
FROM aws.transfer.servers
WHERE region = 'us-east-1'
    AND data__Identifier = '<Arn>';
INSERT
example
Use the following StackQL query and manifest file to create a new server resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
-- create_resource: the column list and the SELECT list are positional, so the
-- n-th quoted placeholder supplies the n-th column.
-- Each placeholder is a template variable substituted into the statement text
-- (presumably by stack-deploy from the manifest; confirm), not a bound
-- parameter, so the values must come from a trusted manifest or environment.
-- NOTE(review): this listing is identical to the other INSERT on the page;
-- presumably no property is mandatory for this resource type (confirm).
INSERT INTO aws.transfer.servers (
    Certificate,
    Domain,
    EndpointDetails,
    EndpointType,
    IdentityProviderDetails,
    IdentityProviderType,
    LoggingRole,
    PostAuthenticationLoginBanner,
    PreAuthenticationLoginBanner,
    ProtocolDetails,
    Protocols,
    S3StorageOptions,
    SecurityPolicyName,
    StructuredLogDestinations,
    Tags,
    WorkflowDetails,
    region
)
SELECT
    '{{ Certificate }}',
    '{{ Domain }}',
    '{{ EndpointDetails }}',
    '{{ EndpointType }}',
    '{{ IdentityProviderDetails }}',
    '{{ IdentityProviderType }}',
    '{{ LoggingRole }}',
    '{{ PostAuthenticationLoginBanner }}',
    '{{ PreAuthenticationLoginBanner }}',
    '{{ ProtocolDetails }}',
    '{{ Protocols }}',
    '{{ S3StorageOptions }}',
    '{{ SecurityPolicyName }}',
    '{{ StructuredLogDestinations }}',
    '{{ Tags }}',
    '{{ WorkflowDetails }}',
    '{{ region }}';
/*+ create */
-- create_resource with every writable property named. Columns and SELECT
-- values pair up by position.
-- EndpointType, Protocols, SecurityPolicyName and the IdentityProvider* pair
-- decide how the server is exposed and how users authenticate; LoggingRole and
-- StructuredLogDestinations decide whether activity is logged. Set these
-- deliberately rather than leaving them to whatever the template renders.
-- The quoted placeholders are substituted as text before execution, so the
-- values must come from a trusted manifest or environment.
INSERT INTO aws.transfer.servers (
    Certificate,
    Domain,
    EndpointDetails,
    EndpointType,
    IdentityProviderDetails,
    IdentityProviderType,
    LoggingRole,
    PostAuthenticationLoginBanner,
    PreAuthenticationLoginBanner,
    ProtocolDetails,
    Protocols,
    S3StorageOptions,
    SecurityPolicyName,
    StructuredLogDestinations,
    Tags,
    WorkflowDetails,
    region
)
SELECT
    '{{ Certificate }}',
    '{{ Domain }}',
    '{{ EndpointDetails }}',
    '{{ EndpointType }}',
    '{{ IdentityProviderDetails }}',
    '{{ IdentityProviderType }}',
    '{{ LoggingRole }}',
    '{{ PostAuthenticationLoginBanner }}',
    '{{ PreAuthenticationLoginBanner }}',
    '{{ ProtocolDetails }}',
    '{{ Protocols }}',
    '{{ S3StorageOptions }}',
    '{{ SecurityPolicyName }}',
    '{{ StructuredLogDestinations }}',
    '{{ Tags }}',
    '{{ WorkflowDetails }}',
    '{{ region }}';
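# stack-deploy manifest describing one AWS Transfer Family server.
# Each entry under props supplies the template variable of the same name used
# by the create statement. Quoted double-brace values are placeholders to be
# replaced with real values or variables.
version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: server
    props:
      # ACM certificate ARN; needed when Protocols includes FTPS.
      - name: Certificate
        value: '{{ Certificate }}'
      - name: Domain
        value: '{{ Domain }}'
      # Network placement. AddressAllocationIds attaches Elastic IPs to a VPC
      # endpoint; SecurityGroupIds is the inbound filter for that endpoint.
      - name: EndpointDetails
        value:
          AddressAllocationIds:
            - '{{ AddressAllocationIds[0] }}'
          SubnetIds:
            - '{{ SubnetIds[0] }}'
          VpcEndpointId: '{{ VpcEndpointId }}'
          VpcId: '{{ VpcId }}'
          SecurityGroupIds:
            - '{{ SecurityGroupIds[0] }}'
      # PUBLIC, VPC or VPC_ENDPOINT: decides whether the server is reachable
      # from the internet.
      - name: EndpointType
        value: '{{ EndpointType }}'
      # Which of these keys applies depends on IdentityProviderType.
      # InvocationRole is an IAM role ARN that the caller must be allowed to
      # pass (iam:PassRole).
      - name: IdentityProviderDetails
        value:
          Url: '{{ Url }}'
          InvocationRole: '{{ InvocationRole }}'
          DirectoryId: '{{ DirectoryId }}'
          Function: '{{ Function }}'
          SftpAuthenticationMethods: '{{ SftpAuthenticationMethods }}'
      - name: IdentityProviderType
        value: '{{ IdentityProviderType }}'
      # IAM role ARN used for logging; also subject to iam:PassRole.
      - name: LoggingRole
        value: '{{ LoggingRole }}'
      - name: PostAuthenticationLoginBanner
        value: '{{ PostAuthenticationLoginBanner }}'
      # Shown before authentication, so keep system details out of it.
      - name: PreAuthenticationLoginBanner
        value: '{{ PreAuthenticationLoginBanner }}'
      - name: ProtocolDetails
        value:
          PassiveIp: '{{ PassiveIp }}'
          TlsSessionResumptionMode: '{{ TlsSessionResumptionMode }}'
          SetStatOption: '{{ SetStatOption }}'
          As2Transports:
            - '{{ As2Transports[0] }}'
      # SFTP, FTPS, FTP and/or AS2. FTP is unencrypted; enable it only where
      # that is an accepted risk.
      - name: Protocols
        value:
          - '{{ Protocols[0] }}'
      - name: S3StorageOptions
        value:
          DirectoryListingOptimization: '{{ DirectoryListingOptimization }}'
      # Selects the set of cryptographic algorithms the server accepts.
      - name: SecurityPolicyName
        value: '{{ SecurityPolicyName }}'
      # Log group ARNs that receive structured logs.
      - name: StructuredLogDestinations
        value:
          - '{{ StructuredLogDestinations[0] }}'
      - name: Tags
        value:
          - Key: '{{ Key }}'
            Value: '{{ Value }}'
      # ExecutionRole is an IAM role ARN assumed when the workflow runs; the
      # caller needs iam:PassRole for it.
      - name: WorkflowDetails
        value:
          OnUpload:
            - WorkflowId: '{{ WorkflowId }}'
              ExecutionRole: '{{ ExecutionRole }}'
          # NOTE(review): the null entry is as generated; replace it with a
          # WorkflowId/ExecutionRole pair or drop the key before deploying.
          OnPartialUpload:
            - null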
DELETE
example
/*+ delete */
-- delete_resource: removes the single server named by data__Identifier in the
-- given region. '<Arn>' is a placeholder; running the matching get_resource
-- SELECT first confirms the identifier points at the intended server.
DELETE FROM aws.transfer.servers
WHERE data__Identifier = '<Arn>'
    AND region = 'us-east-1';
Permissions
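To operate on the servers resource, the following permissions are required, listed per operation. Create and Update include iam:PassRole, which is best limited to the specific roles the server is configured with rather than granted on every role.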
Create
apigateway:GET,
ds:AuthorizeApplication,
ds:DescribeDirectories,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:CreateServer,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UpdateServer
Read
ec2:DescribeVpcEndpoints,
transfer:DescribeServer
Update
apigateway:GET,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
ec2:ModifyVpcEndpoint,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UnTagResource,
transfer:UpdateServer
Delete
ds:DescribeDirectories,
ds:UnauthorizeApplication,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
logs:DeleteLogDelivery,
logs:GetLogDelivery,
logs:ListLogDeliveries,
transfer:DeleteServer
List
transfer:ListServers