Server is the Schema for the Servers API
Type
CRD
Group
transfer.aws.crossplane.io
Version
v1alpha1
apiVersion: transfer.aws.crossplane.io/v1alpha1
kind: Server
ServerSpec defines the desired state of Server
ServerParameters defines the desired state of Server
CertificateRef is a reference to a Certificate.
Policies for referencing.
CertificateSelector selects references to a Certificate.
Policies for selection.
The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make it accessible only to resources within your VPC, or you can attach Elastic IPs and make it accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.
AddressAllocationIDRefs is a list of references to AddressAllocationID used to set the AddressAllocationIDs.
Policies for referencing.
AddressAllocationIDSelector selects references to AddressAllocationID used to set the AddressAllocationIDs.
Policies for selection.
A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.
This property can only be set when EndpointType is set to VPC and it is only valid in the UpdateServer API.
SecurityGroupIDRefs is a list of references to SecurityGroups used to set the SecurityGroupIDs.
Policies for referencing.
SecurityGroupIDsSelector selects references to SecurityGroupID used to set the SecurityGroupIDs.
Policies for selection.
A list of security groups IDs that are available to attach to your server's endpoint.
This property can only be set when EndpointType is set to VPC.
You can edit the SecurityGroupIds property in the UpdateServer (https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the EndpointType from PUBLIC or VPC_ENDPOINT to VPC. To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 ModifyVpcEndpoint (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.
SubnetIDRefs is a list of references to Subnets used to set the SubnetIDs.
Policies for referencing.
SubnetIDSelector selects references to Subnets used to set the SubnetIds.
Policies for selection.
A list of subnet IDs that are required to host your server endpoint in your VPC.
This property can only be set when EndpointType is set to VPC.
VPCEndpointIDRef is a reference to a VPCEndpointID.
Policies for referencing.
VPCEndpointIDSelector selects references to a VPCEndpointID.
Policies for selection.
VPCIDRef is a reference to a VPCID.
Policies for referencing.
VPCIDSelector selects references to a VPCID.
Policies for selection.
Required when IdentityProviderType is set to AWS_DIRECTORY_SERVICE, Amazon Web Services_LAMBDA or API_GATEWAY. Accepts an array containing all of the information required to use a directory in AWS_DIRECTORY_SERVICE or invoke a customer-supplied authentication API, including the API Gateway URL. Not required when IdentityProviderType is set to SERVICE_MANAGED.
LoggingRoleRef is a reference to a IAM role.
Policies for referencing.
LoggingRoleSelector selects references to a IAM role.
Policies for selection.
The protocol settings that are configured for your server.
-
To indicate passive mode (for FTP and FTPS protocols), use the PassiveIp parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.
-
To ignore the error that is generated when the client attempts to use the SETSTAT command on a file that you are uploading to an Amazon S3 bucket, use the SetStatOption parameter. To have the Transfer Family server ignore the SETSTAT command and upload files without needing to make any changes to your SFTP client, set the value to ENABLE_NO_OP. If you set the SetStatOption parameter to ENABLE_NO_OP, Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a SETSTAT call.
-
To determine whether your Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the TlsSessionResumptionMode parameter.
-
As2Transports indicates the transport method for the AS2 messages. Currently, only HTTP is supported.
No description provided.
Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:
-
SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH
-
FTPS (File Transfer Protocol Secure): File transfer with TLS encryption
-
FTP (File Transfer Protocol): Unencrypted file transfer
-
AS2 (Applicability Statement 2): used for transporting structured business-to-business data
-
If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.
-
If Protocol includes either FTP or FTPS, then the EndpointType must be VPC and the IdentityProviderType must be either AWS_DIRECTORY_SERVICE, AWS_LAMBDA, or API_GATEWAY.
-
If Protocol includes FTP, then AddressAllocationIds cannot be associated.
-
If Protocol is set only to SFTP, the EndpointType can be set to PUBLIC and the IdentityProviderType can be set any of the supported identity types: SERVICE_MANAGED, AWS_DIRECTORY_SERVICE, AWS_LAMBDA, or API_GATEWAY.
-
If Protocol includes AS2, then the EndpointType must be VPC, and domain must be Amazon S3.
Specifies the log groups to which your server logs are sent.
To specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:
arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*
For example, arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*
If you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an update-server call. For example:
update-server --server-id s-1234567890abcdef0 --structured-log-destinations
Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.
In addition to a workflow to execute when a file is uploaded completely, WorkflowDetails can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when the server session disconnects while the file is still being uploaded.
No description provided.
No description provided.
THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
ServerStatus defines the observed state of Server.
ServerObservation defines the observed state of Server
Conditions of the resource.
example
apiVersion: transfer.aws.crossplane.io/v1alpha1
kind: Server
metadata:
name: example
spec:
forProvider:
domain: S3
endpointDetails:
securityGroupIDRefs:
- name: sample-cluster-sg
subnetIDRefs:
- name: sample-subnet1
vpcIDRef:
name: sample-vpc
endpointType: VPC
identityProviderType: SERVICE_MANAGED
protocols:
- SFTP
region: us-east-1
securityPolicyName: TransferSecurityPolicy-2020-06
tags:
- key: myKey
value: myValue
providerConfigRef:
name: example
writeConnectionSecretToRef:
name: example-conn
namespace: default