pulumi-aws-kotlin/com.pulumi.aws.transfer.kotlin/ServerArgs

ServerArgs

data class ServerArgs(val certificate: Output<String>? = null, val directoryId: Output<String>? = null, val domain: Output<String>? = null, val endpointDetails: Output<ServerEndpointDetailsArgs>? = null, val endpointType: Output<String>? = null, val forceDestroy: Output<Boolean>? = null, val function: Output<String>? = null, val hostKey: Output<String>? = null, val identityProviderType: Output<String>? = null, val invocationRole: Output<String>? = null, val loggingRole: Output<String>? = null, val postAuthenticationLoginBanner: Output<String>? = null, val preAuthenticationLoginBanner: Output<String>? = null, val protocolDetails: Output<ServerProtocolDetailsArgs>? = null, val protocols: Output<List<String>>? = null, val securityPolicyName: Output<String>? = null, val tags: Output<Map<String, String>>? = null, val url: Output<String>? = null, val workflowDetails: Output<ServerWorkflowDetailsArgs>? = null) : ConvertibleToJava<ServerArgs>

Provides a AWS Transfer Server resource.

NOTE on AWS IAM permissions: If the endpoint_type is set to VPC, the ec2:DescribeVpcEndpoints and ec2:ModifyVpcEndpoint actions are used. NOTE: Use the aws.transfer.Tag resource to manage the system tags used for custom hostnames.

Example Usage

Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Server("example", ServerArgs.builder()
            .tags(Map.of("Name", "Example"))
            .build());
    }
}
Content copied to clipboard

Security Policy Name

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Server("example", ServerArgs.builder()
            .securityPolicyName("TransferSecurityPolicy-2020-06")
            .build());
    }
}
Content copied to clipboard

VPC Endpoint

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import com.pulumi.aws.transfer.inputs.ServerEndpointDetailsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Server("example", ServerArgs.builder()
            .endpointType("VPC")
            .endpointDetails(ServerEndpointDetailsArgs.builder()
                .addressAllocationIds(aws_eip.example().id())
                .subnetIds(aws_subnet.example().id())
                .vpcId(aws_vpc.example().id())
                .build())
            .build());
    }
}
Content copied to clipboard

AWS Directory authentication

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Server("example", ServerArgs.builder()
            .identityProviderType("AWS_DIRECTORY_SERVICE")
            .directoryId(aws_directory_service_directory.example().id())
            .build());
    }
}
Content copied to clipboard

AWS Lambda authentication

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Server("example", ServerArgs.builder()
            .identityProviderType("AWS_LAMBDA")
            .function(aws_lambda_identity_provider.example().arn())
            .build());
    }
}
Content copied to clipboard

Protocols

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import com.pulumi.aws.transfer.inputs.ServerEndpointDetailsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Server("example", ServerArgs.builder()
            .endpointType("VPC")
            .endpointDetails(ServerEndpointDetailsArgs.builder()
                .subnetIds(aws_subnet.example().id())
                .vpcId(aws_vpc.example().id())
                .build())
            .protocols(
                "FTP",
                "FTPS")
            .certificate(aws_acm_certificate.example().arn())
            .identityProviderType("API_GATEWAY")
            .url(String.format("%s%s", aws_api_gateway_deployment.example().invoke_url(),aws_api_gateway_resource.example().path()))
            .build());
    }
}
Content copied to clipboard

Import

Transfer Servers can be imported using the server id, e.g.,

$ pulumi import aws:transfer/server:Server example s-12345678
Content copied to clipboard

Certain resource arguments, such as host_key, cannot be read via the API and imported into the provider. This provider will display a difference for these arguments the first run after import if declared in the provider configuration for an imported resource.

Constructors

Link copied to clipboard
constructor(certificate: Output<String>? = null, directoryId: Output<String>? = null, domain: Output<String>? = null, endpointDetails: Output<ServerEndpointDetailsArgs>? = null, endpointType: Output<String>? = null, forceDestroy: Output<Boolean>? = null, function: Output<String>? = null, hostKey: Output<String>? = null, identityProviderType: Output<String>? = null, invocationRole: Output<String>? = null, loggingRole: Output<String>? = null, postAuthenticationLoginBanner: Output<String>? = null, preAuthenticationLoginBanner: Output<String>? = null, protocolDetails: Output<ServerProtocolDetailsArgs>? = null, protocols: Output<List<String>>? = null, securityPolicyName: Output<String>? = null, tags: Output<Map<String, String>>? = null, url: Output<String>? = null, workflowDetails: Output<ServerWorkflowDetailsArgs>? = null)

Properties

Link copied to clipboard
val certificate: Output<String>? = null

The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. This is required when protocols is set to FTPS

Link copied to clipboard
val directoryId: Output<String>? = null

The directory service ID of the directory service you want to connect to with an identity_provider_type of AWS_DIRECTORY_SERVICE.

Link copied to clipboard
val domain: Output<String>? = null

The domain of the storage system that is used for file transfers. Valid values are: S3 and EFS. The default value is S3.

Link copied to clipboard
val endpointDetails: Output<ServerEndpointDetailsArgs>? = null

The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. Fields documented below.

Link copied to clipboard
val endpointType: Output<String>? = null

The type of endpoint that you want your SFTP server connect to. If you connect to a VPC (or VPC_ENDPOINT), your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set PUBLIC. Defaults to PUBLIC.

Link copied to clipboard
val forceDestroy: Output<Boolean>? = null

A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is false. This option only applies to servers configured with a SERVICE_MANAGED identity_provider_type.

Link copied to clipboard
val function: Output<String>? = null

The ARN for a lambda function to use for the Identity provider.

Link copied to clipboard
val hostKey: Output<String>? = null

RSA, ECDSA, or ED25519 private key (e.g., as generated by the ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key, ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key or ssh-keygen -t ed25519 -N "" -f my-new-server-key commands).

Link copied to clipboard
val identityProviderType: Output<String>? = null

The mode of authentication enabled for this service. The default value is SERVICE_MANAGED, which allows you to store and access SFTP user credentials within the service. API_GATEWAY indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using AWS_DIRECTORY_SERVICE will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the AWS_LAMBDA value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the function argument.

Link copied to clipboard
val invocationRole: Output<String>? = null

Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an identity_provider_type of API_GATEWAY.

Link copied to clipboard
val loggingRole: Output<String>? = null

Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.

Link copied to clipboard
val postAuthenticationLoginBanner: Output<String>? = null

Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.

Link copied to clipboard
val preAuthenticationLoginBanner: Output<String>? = null

Specify a string to display when users connect to a server. This string is displayed before the user authenticates.

Link copied to clipboard
val protocolDetails: Output<ServerProtocolDetailsArgs>? = null

The protocol settings that are configured for your server.

Link copied to clipboard
val protocols: Output<List<String>>? = null

Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. This defaults to SFTP . The available protocols are:

Link copied to clipboard
val securityPolicyName: Output<String>? = null

Specifies the name of the security policy that is attached to the server. Possible values are TransferSecurityPolicy-2018-11, TransferSecurityPolicy-2020-06, TransferSecurityPolicy-FIPS-2020-06 and TransferSecurityPolicy-2022-03. Default value is: TransferSecurityPolicy-2018-11.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Link copied to clipboard
val url: Output<String>? = null

URL of the service endpoint used to authenticate users with an identity_provider_type of API_GATEWAY.

Link copied to clipboard
val workflowDetails: Output<ServerWorkflowDetailsArgs>? = null

Specifies the workflow details. See Workflow Details below.

Functions

Link copied to clipboard
open override fun toJava(): ServerArgs