servers

Creates, updates, deletes or gets a server resource or lists servers in a region

Overview

Name	`servers`
Type	Resource
Description	Definition of AWS::Transfer::Server Resource Type
Id	`awscc.transfer.servers`

Fields

get (all properties)
list (identifiers only)

Name	Datatype	Description
`arn`	`string`
`as2_service_managed_egress_ip_addresses`	`array`	The list of egress IP addresses of this server. These IP addresses are only relevant for servers that use the AS2 protocol. They are used for sending asynchronous MDNs. These IP addresses are assigned automatically when you create an AS2 server. Additionally, if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well.
`certificate`	`string`
`domain`	`string`
▶`endpoint_details`	`object`
`endpoint_type`	`string`
▶`identity_provider_details`	`object`	You can provide a structure that contains the details for the identity provider to use with your web app.
`identity_provider_type`	`string`
`ip_address_type`	`string`
`logging_role`	`string`
`post_authentication_login_banner`	`string`
`pre_authentication_login_banner`	`string`
▶`protocol_details`	`object`
`protocols`	`array`
▶`s3_storage_options`	`object`
`security_policy_name`	`string`
`server_id`	`string`
`state`	`string`
`structured_log_destinations`	`array`
▶`tags`	`array`
▶`workflow_details`	`object`
`region`	`string`	AWS region.

Name	Datatype	Description
`arn`	`string`
`region`	`string`	AWS region.

For more information, see AWS::Transfer::Server.

Methods

Name	Resource	Accessible by	Required Params
`create_resource`	`servers`	`INSERT`	`region`
`delete_resource`	`servers`	`DELETE`	`Identifier, region`
`update_resource`	`servers`	`UPDATE`	`Identifier, PatchDocument, region`
`list_resources`	`servers_list_only`	`SELECT`	`region`
`get_resource`	`servers`	`SELECT`	`Identifier, region`

`SELECT` examples

get (all properties)
list (identifiers only)

Gets all properties from an individual server.

SELECT
  region,
  arn,
  as2_service_managed_egress_ip_addresses,
  certificate,
  domain,
  endpoint_details,
  endpoint_type,
  identity_provider_details,
  identity_provider_type,
  ip_address_type,
  logging_role,
  post_authentication_login_banner,
  pre_authentication_login_banner,
  protocol_details,
  protocols,
  s3_storage_options,
  security_policy_name,
  server_id,
  state,
  structured_log_destinations,
  tags,
  workflow_details
FROM awscc.transfer.servers
WHERE
  region = 'us-east-1' AND
  Identifier = '{{ arn }}';

Lists all servers in a region.

SELECT
  region,
  arn
FROM awscc.transfer.servers_list_only
WHERE
  region = 'us-east-1';

`INSERT` example

Use the following StackQL query and manifest file to create a new server resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.transfer.servers (
  Certificate,
  Domain,
  EndpointDetails,
  EndpointType,
  IdentityProviderDetails,
  IdentityProviderType,
  IpAddressType,
  LoggingRole,
  PostAuthenticationLoginBanner,
  PreAuthenticationLoginBanner,
  ProtocolDetails,
  Protocols,
  S3StorageOptions,
  SecurityPolicyName,
  StructuredLogDestinations,
  Tags,
  WorkflowDetails,
  region
)
SELECT
  '{{ certificate }}',
  '{{ domain }}',
  '{{ endpoint_details }}',
  '{{ endpoint_type }}',
  '{{ identity_provider_details }}',
  '{{ identity_provider_type }}',
  '{{ ip_address_type }}',
  '{{ logging_role }}',
  '{{ post_authentication_login_banner }}',
  '{{ pre_authentication_login_banner }}',
  '{{ protocol_details }}',
  '{{ protocols }}',
  '{{ s3_storage_options }}',
  '{{ security_policy_name }}',
  '{{ structured_log_destinations }}',
  '{{ tags }}',
  '{{ workflow_details }}',
  '{{ region }}';

/*+ create */
INSERT INTO awscc.transfer.servers (
  Certificate,
  Domain,
  EndpointDetails,
  EndpointType,
  IdentityProviderDetails,
  IdentityProviderType,
  IpAddressType,
  LoggingRole,
  PostAuthenticationLoginBanner,
  PreAuthenticationLoginBanner,
  ProtocolDetails,
  Protocols,
  S3StorageOptions,
  SecurityPolicyName,
  StructuredLogDestinations,
  Tags,
  WorkflowDetails,
  region
)
SELECT
  '{{ certificate }}',
  '{{ domain }}',
  '{{ endpoint_details }}',
  '{{ endpoint_type }}',
  '{{ identity_provider_details }}',
  '{{ identity_provider_type }}',
  '{{ ip_address_type }}',
  '{{ logging_role }}',
  '{{ post_authentication_login_banner }}',
  '{{ pre_authentication_login_banner }}',
  '{{ protocol_details }}',
  '{{ protocols }}',
  '{{ s3_storage_options }}',
  '{{ security_policy_name }}',
  '{{ structured_log_destinations }}',
  '{{ tags }}',
  '{{ workflow_details }}',
  '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: server
    props:
      - name: certificate
        value: '{{ certificate }}'
      - name: domain
        value: '{{ domain }}'
      - name: endpoint_details
        value:
          address_allocation_ids:
            - '{{ address_allocation_ids[0] }}'
          subnet_ids:
            - '{{ subnet_ids[0] }}'
          vpc_endpoint_id: '{{ vpc_endpoint_id }}'
          vpc_id: '{{ vpc_id }}'
          security_group_ids:
            - '{{ security_group_ids[0] }}'
      - name: endpoint_type
        value: '{{ endpoint_type }}'
      - name: identity_provider_details
        value:
          application_arn: '{{ application_arn }}'
          instance_arn: '{{ instance_arn }}'
          role: '{{ role }}'
      - name: identity_provider_type
        value: '{{ identity_provider_type }}'
      - name: ip_address_type
        value: '{{ ip_address_type }}'
      - name: logging_role
        value: '{{ logging_role }}'
      - name: post_authentication_login_banner
        value: '{{ post_authentication_login_banner }}'
      - name: pre_authentication_login_banner
        value: '{{ pre_authentication_login_banner }}'
      - name: protocol_details
        value:
          passive_ip: '{{ passive_ip }}'
          tls_session_resumption_mode: '{{ tls_session_resumption_mode }}'
          set_stat_option: '{{ set_stat_option }}'
          as2_transports:
            - '{{ as2_transports[0] }}'
      - name: protocols
        value:
          - '{{ protocols[0] }}'
      - name: s3_storage_options
        value:
          directory_listing_optimization: '{{ directory_listing_optimization }}'
      - name: security_policy_name
        value: '{{ security_policy_name }}'
      - name: structured_log_destinations
        value:
          - '{{ structured_log_destinations[0] }}'
      - name: tags
        value:
          - key: '{{ key }}'
            value: '{{ value }}'
      - name: workflow_details
        value:
          on_upload:
            - workflow_id: '{{ workflow_id }}'
              execution_role: '{{ execution_role }}'
          on_partial_upload:
            - null

`UPDATE` example

Use the following StackQL query and manifest file to update a server resource, using stack-deploy.

/*+ update */
UPDATE awscc.transfer.servers
SET PatchDocument = string('{{ {
    "Certificate": certificate,
    "EndpointDetails": endpoint_details,
    "EndpointType": endpoint_type,
    "IdentityProviderDetails": identity_provider_details,
    "IpAddressType": ip_address_type,
    "LoggingRole": logging_role,
    "PostAuthenticationLoginBanner": post_authentication_login_banner,
    "PreAuthenticationLoginBanner": pre_authentication_login_banner,
    "ProtocolDetails": protocol_details,
    "Protocols": protocols,
    "S3StorageOptions": s3_storage_options,
    "SecurityPolicyName": security_policy_name,
    "StructuredLogDestinations": structured_log_destinations,
    "Tags": tags,
    "WorkflowDetails": workflow_details
} | generate_patch_document }}')
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ arn }}';

`DELETE` example

/*+ delete */
DELETE FROM awscc.transfer.servers
WHERE
  Identifier = '{{ arn }}' AND
  region = 'us-east-1';

Permissions

To operate on the servers resource, the following permissions are required:

Create
Read
Update
Delete
List

apigateway:GET,
ds:AuthorizeApplication,
ds:DescribeDirectories,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:CreateServer,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UpdateServer

ec2:DescribeVpcEndpoints,
transfer:DescribeServer

apigateway:GET,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
ec2:ModifyVpcEndpoint,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UnTagResource,
transfer:UpdateServer

ds:DescribeDirectories,
ds:UnauthorizeApplication,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
logs:DeleteLogDelivery,
logs:GetLogDelivery,
logs:ListLogDeliveries,
transfer:DeleteServer

transfer:ListServers

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

UPDATE example​

DELETE example​

Permissions​