servers

Creates, updates, deletes or gets a server resource or lists servers in a region

Overview

Name: servers
Type: Resource
Description: Definition of AWS::Transfer::Server Resource Type
Id: aws.transfer.servers

Fields

| Name | Datatype | Description |
|---|---|---|
| arn | string | |
| as2_service_managed_egress_ip_addresses | array | The list of egress IP addresses of this server. These IP addresses are only relevant for servers that use the AS2 protocol. They are used for sending asynchronous MDNs. These IP addresses are assigned automatically when you create an AS2 server. Additionally, if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well. |
| certificate | string | |
| domain | string | |
| endpoint_details | object | |
| endpoint_type | string | |
| identity_provider_details | object | |
| identity_provider_type | string | |
| logging_role | string | |
| post_authentication_login_banner | string | |
| pre_authentication_login_banner | string | |
| protocol_details | object | |
| protocols | array | |
| s3_storage_options | object | |
| security_policy_name | string | |
| server_id | string | |
| state | string | |
| structured_log_destinations | array | |
| tags | array | |
| workflow_details | object | |
| region | string | AWS region. |

For more information, see AWS::Transfer::Server.

Methods

| Name | Accessible by | Required Params |
|---|---|---|
| delete_resource | DELETE | data__Identifier, region |
| create_resource | INSERT | region |
| update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
| list_resources | SELECT | region |
| get_resource | SELECT | data__Identifier, region |

SELECT examples

Gets all servers in a region.

```sql
SELECT
  region,
  arn,
  as2_service_managed_egress_ip_addresses,
  certificate,
  domain,
  endpoint_details,
  endpoint_type,
  identity_provider_details,
  identity_provider_type,
  logging_role,
  post_authentication_login_banner,
  pre_authentication_login_banner,
  protocol_details,
  protocols,
  s3_storage_options,
  security_policy_name,
  server_id,
  state,
  structured_log_destinations,
  tags,
  workflow_details
FROM aws.transfer.servers
WHERE region = 'us-east-1';
```

Gets all properties from an individual server.

```sql
SELECT
  region,
  arn,
  as2_service_managed_egress_ip_addresses,
  certificate,
  domain,
  endpoint_details,
  endpoint_type,
  identity_provider_details,
  identity_provider_type,
  logging_role,
  post_authentication_login_banner,
  pre_authentication_login_banner,
  protocol_details,
  protocols,
  s3_storage_options,
  security_policy_name,
  server_id,
  state,
  structured_log_destinations,
  tags,
  workflow_details
FROM aws.transfer.servers
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';
```

INSERT example

Use the following StackQL query and manifest file to create a new server resource, using stack-deploy.

```sql
/*+ create */
INSERT INTO aws.transfer.servers (
  Certificate,
  Domain,
  EndpointDetails,
  EndpointType,
  IdentityProviderDetails,
  IdentityProviderType,
  LoggingRole,
  PostAuthenticationLoginBanner,
  PreAuthenticationLoginBanner,
  ProtocolDetails,
  Protocols,
  S3StorageOptions,
  SecurityPolicyName,
  StructuredLogDestinations,
  Tags,
  WorkflowDetails,
  region
)
SELECT
  '{{ Certificate }}',
  '{{ Domain }}',
  '{{ EndpointDetails }}',
  '{{ EndpointType }}',
  '{{ IdentityProviderDetails }}',
  '{{ IdentityProviderType }}',
  '{{ LoggingRole }}',
  '{{ PostAuthenticationLoginBanner }}',
  '{{ PreAuthenticationLoginBanner }}',
  '{{ ProtocolDetails }}',
  '{{ Protocols }}',
  '{{ S3StorageOptions }}',
  '{{ SecurityPolicyName }}',
  '{{ StructuredLogDestinations }}',
  '{{ Tags }}',
  '{{ WorkflowDetails }}',
  '{{ region }}';
```

DELETE example

```sql
/*+ delete */
DELETE FROM aws.transfer.servers
WHERE data__Identifier = '<Arn>'
  AND region = 'us-east-1';
```

Permissions

To operate on the servers resource, the following permissions are required:

Create

apigateway:GET,
ds:AuthorizeApplication,
ds:DescribeDirectories,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:CreateServer,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UpdateServer

Read

ec2:DescribeVpcEndpoints,
transfer:DescribeServer

Update

apigateway:GET,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
ec2:ModifyVpcEndpoint,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UnTagResource,
transfer:UpdateServer

Delete

ds:DescribeDirectories,
ds:UnauthorizeApplication,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
logs:DeleteLogDelivery,
logs:GetLogDelivery,
logs:ListLogDeliveries,
transfer:DeleteServer

List

transfer:ListServers