servers

Creates, updates, deletes or gets a server resource or lists servers in a region

Overview

Name	`servers`
Type	Resource
Description	Definition of AWS::Transfer::Server Resource Type
Id	`awscc.transfer.servers`

Fields

Name	Datatype	Description
`arn`	`string`
`as2_service_managed_egress_ip_addresses`	`array`	The list of egress IP addresses of this server. These IP addresses are only relevant for servers that use the AS2 protocol. They are used for sending asynchronous MDNs. These IP addresses are assigned automatically when you create an AS2 server. Additionally, if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well.
`certificate`	`string`
`domain`	`string`
▶`endpoint_details`	`object`
`endpoint_type`	`string`
▶`identity_provider_details`	`object`	You can provide a structure that contains the details for the identity provider to use with your web app.
`identity_provider_type`	`string`
`ip_address_type`	`string`
`logging_role`	`string`
`post_authentication_login_banner`	`string`
`pre_authentication_login_banner`	`string`
▶`protocol_details`	`object`
`protocols`	`array`
▶`s3_storage_options`	`object`
`security_policy_name`	`string`
`server_id`	`string`
`state`	`string`
`structured_log_destinations`	`array`
▶`tags`	`array`
▶`workflow_details`	`object`
`region`	`string`	AWS region.

For more information, see AWS::Transfer::Server.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all properties from an individual server.

SELECT
region,
arn,
as2_service_managed_egress_ip_addresses,
certificate,
domain,
endpoint_details,
endpoint_type,
identity_provider_details,
identity_provider_type,
ip_address_type,
logging_role,
post_authentication_login_banner,
pre_authentication_login_banner,
protocol_details,
protocols,
s3_storage_options,
security_policy_name,
server_id,
state,
structured_log_destinations,
tags,
workflow_details
FROM awscc.transfer.servers
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';

`INSERT` example

Use the following StackQL query and manifest file to create a new server resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.transfer.servers (
 Certificate,
 Domain,
 EndpointDetails,
 EndpointType,
 IdentityProviderDetails,
 IdentityProviderType,
 IpAddressType,
 LoggingRole,
 PostAuthenticationLoginBanner,
 PreAuthenticationLoginBanner,
 ProtocolDetails,
 Protocols,
 S3StorageOptions,
 SecurityPolicyName,
 StructuredLogDestinations,
 Tags,
 WorkflowDetails,
 region
)
SELECT 
'{{ Certificate }}',
 '{{ Domain }}',
 '{{ EndpointDetails }}',
 '{{ EndpointType }}',
 '{{ IdentityProviderDetails }}',
 '{{ IdentityProviderType }}',
 '{{ IpAddressType }}',
 '{{ LoggingRole }}',
 '{{ PostAuthenticationLoginBanner }}',
 '{{ PreAuthenticationLoginBanner }}',
 '{{ ProtocolDetails }}',
 '{{ Protocols }}',
 '{{ S3StorageOptions }}',
 '{{ SecurityPolicyName }}',
 '{{ StructuredLogDestinations }}',
 '{{ Tags }}',
 '{{ WorkflowDetails }}',
'{{ region }}';

/*+ create */
INSERT INTO awscc.transfer.servers (
 Certificate,
 Domain,
 EndpointDetails,
 EndpointType,
 IdentityProviderDetails,
 IdentityProviderType,
 IpAddressType,
 LoggingRole,
 PostAuthenticationLoginBanner,
 PreAuthenticationLoginBanner,
 ProtocolDetails,
 Protocols,
 S3StorageOptions,
 SecurityPolicyName,
 StructuredLogDestinations,
 Tags,
 WorkflowDetails,
 region
)
SELECT 
 '{{ Certificate }}',
 '{{ Domain }}',
 '{{ EndpointDetails }}',
 '{{ EndpointType }}',
 '{{ IdentityProviderDetails }}',
 '{{ IdentityProviderType }}',
 '{{ IpAddressType }}',
 '{{ LoggingRole }}',
 '{{ PostAuthenticationLoginBanner }}',
 '{{ PreAuthenticationLoginBanner }}',
 '{{ ProtocolDetails }}',
 '{{ Protocols }}',
 '{{ S3StorageOptions }}',
 '{{ SecurityPolicyName }}',
 '{{ StructuredLogDestinations }}',
 '{{ Tags }}',
 '{{ WorkflowDetails }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: server
    props:
      - name: Certificate
        value: '{{ Certificate }}'
      - name: Domain
        value: '{{ Domain }}'
      - name: EndpointDetails
        value:
          AddressAllocationIds:
            - '{{ AddressAllocationIds[0] }}'
          SubnetIds:
            - '{{ SubnetIds[0] }}'
          VpcEndpointId: '{{ VpcEndpointId }}'
          VpcId: '{{ VpcId }}'
          SecurityGroupIds:
            - '{{ SecurityGroupIds[0] }}'
      - name: EndpointType
        value: '{{ EndpointType }}'
      - name: IdentityProviderDetails
        value:
          ApplicationArn: '{{ ApplicationArn }}'
          InstanceArn: '{{ InstanceArn }}'
          Role: '{{ Role }}'
      - name: IdentityProviderType
        value: '{{ IdentityProviderType }}'
      - name: IpAddressType
        value: '{{ IpAddressType }}'
      - name: LoggingRole
        value: '{{ LoggingRole }}'
      - name: PostAuthenticationLoginBanner
        value: '{{ PostAuthenticationLoginBanner }}'
      - name: PreAuthenticationLoginBanner
        value: '{{ PreAuthenticationLoginBanner }}'
      - name: ProtocolDetails
        value:
          PassiveIp: '{{ PassiveIp }}'
          TlsSessionResumptionMode: '{{ TlsSessionResumptionMode }}'
          SetStatOption: '{{ SetStatOption }}'
          As2Transports:
            - '{{ As2Transports[0] }}'
      - name: Protocols
        value:
          - '{{ Protocols[0] }}'
      - name: S3StorageOptions
        value:
          DirectoryListingOptimization: '{{ DirectoryListingOptimization }}'
      - name: SecurityPolicyName
        value: '{{ SecurityPolicyName }}'
      - name: StructuredLogDestinations
        value:
          - '{{ StructuredLogDestinations[0] }}'
      - name: Tags
        value:
          - Key: '{{ Key }}'
            Value: '{{ Value }}'
      - name: WorkflowDetails
        value:
          OnUpload:
            - WorkflowId: '{{ WorkflowId }}'
              ExecutionRole: '{{ ExecutionRole }}'
          OnPartialUpload:
            - null

`DELETE` example

/*+ delete */
DELETE FROM awscc.transfer.servers
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';

Permissions

To operate on the servers resource, the following permissions are required:

Create

apigateway:GET,
ds:AuthorizeApplication,
ds:DescribeDirectories,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:CreateServer,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UpdateServer

Read

ec2:DescribeVpcEndpoints,
transfer:DescribeServer

Update

apigateway:GET,
ec2:AssociateAddress,
ec2:CreateVpcEndpoint,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
ec2:ModifyVpcEndpoint,
iam:PassRole,
logs:CreateLogDelivery,
logs:DeleteLogDelivery,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
logs:PutResourcePolicy,
logs:UpdateLogDelivery,
transfer:DescribeServer,
transfer:StartServer,
transfer:StopServer,
transfer:TagResource,
transfer:UnTagResource,
transfer:UpdateServer

Delete

ds:DescribeDirectories,
ds:UnauthorizeApplication,
ec2:DeleteVpcEndpoints,
ec2:DescribeAddresses,
ec2:DescribeNetworkInterfaces,
ec2:DescribeVpcEndpoints,
ec2:DisassociateAddress,
logs:DeleteLogDelivery,
logs:GetLogDelivery,
logs:ListLogDeliveries,
transfer:DeleteServer

List

transfer:ListServers

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Create​

Read​

Update​

Delete​

List​