/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the transfer-2018-11-05.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.Transfer.Model
{
///
/// Container for the parameters to the CreateAccess operation.
/// Used by administrators to choose which groups in the directory should have access
/// to upload and download files over the enabled protocols using Transfer Family. For
/// example, a Microsoft Active Directory might contain 50,000 users, but only a small
/// fraction might need the ability to transfer files to the server. An administrator
/// can use CreateAccess to limit the access to the correct set of users
/// who need this ability.
///
public partial class CreateAccessRequest : AmazonTransferRequest
{
private string _externalId;
private string _homeDirectory;
private List _homeDirectoryMappings = new List();
private HomeDirectoryType _homeDirectoryType;
private string _policy;
private PosixProfile _posixProfile;
private string _role;
private string _serverId;
///
/// Gets and sets the property ExternalId.
///
/// A unique identifier that is required to identify specific groups within your directory.
/// The users of the group that you associate have access to your Amazon S3 or Amazon
/// EFS resources over the enabled protocols using Transfer Family. If you know the group
/// name, you can view the SID values by running the following command using Windows PowerShell.
///
///
///
/// Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties
/// * | Select SamAccountName,ObjectSid
///
///
///
/// In that command, replace YourGroupName with the name of your Active Directory
/// group.
///
///
///
/// The regular expression used to validate this parameter is a string of characters consisting
/// of uppercase and lowercase alphanumeric characters with no spaces. You can also include
/// underscores or any of the following characters: =,.@:/-
///
///
[AWSProperty(Required=true, Min=1, Max=256)]
public string ExternalId
{
get { return this._externalId; }
set { this._externalId = value; }
}
// Check to see if ExternalId property is set
internal bool IsSetExternalId()
{
return this._externalId != null;
}
///
/// Gets and sets the property HomeDirectory.
///
/// The landing directory (folder) for a user when they log in to the server using the
/// client.
///
///
///
/// A HomeDirectory example is /bucket_name/home/mydirectory.
///
///
[AWSProperty(Max=1024)]
public string HomeDirectory
{
get { return this._homeDirectory; }
set { this._homeDirectory = value; }
}
// Check to see if HomeDirectory property is set
internal bool IsSetHomeDirectory()
{
return this._homeDirectory != null;
}
///
/// Gets and sets the property HomeDirectoryMappings.
///
/// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys
/// should be visible to your user and how you want to make them visible. You must specify
/// the Entry and Target pair, where Entry shows
/// how the path is made visible and Target is the actual Amazon S3 or Amazon
/// EFS path. If you only specify a target, it is displayed as is. You also must ensure
/// that your Identity and Access Management (IAM) role provides access to paths in Target.
/// This value can be set only when HomeDirectoryType is set to LOGICAL.
///
///
///
/// The following is an Entry and Target pair example.
///
///
///
/// [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]
///
///
///
///
/// In most cases, you can use this value instead of the session policy to lock down your
/// user to the designated home directory ("chroot"). To do this, you can
/// set Entry to / and set Target to the HomeDirectory
/// parameter value.
///
///
///
/// The following is an Entry and Target pair example for chroot.
///
///
///
/// [ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]
///
///
[AWSProperty(Min=1, Max=50)]
public List HomeDirectoryMappings
{
get { return this._homeDirectoryMappings; }
set { this._homeDirectoryMappings = value; }
}
// Check to see if HomeDirectoryMappings property is set
internal bool IsSetHomeDirectoryMappings()
{
return this._homeDirectoryMappings != null && this._homeDirectoryMappings.Count > 0;
}
///
/// Gets and sets the property HomeDirectoryType.
///
/// The type of landing directory (folder) that you want your users' home directory to
/// be when they log in to the server. If you set it to PATH, the user will
/// see the absolute Amazon S3 bucket or EFS paths as is in their file transfer protocol
/// clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings
/// for how you want to make Amazon S3 or Amazon EFS paths visible to your users.
///
///
public HomeDirectoryType HomeDirectoryType
{
get { return this._homeDirectoryType; }
set { this._homeDirectoryType = value; }
}
// Check to see if HomeDirectoryType property is set
internal bool IsSetHomeDirectoryType()
{
return this._homeDirectoryType != null;
}
///
/// Gets and sets the property Policy.
///
/// A session policy for your user so that you can use the same Identity and Access Management
/// (IAM) role across multiple users. This policy scopes down a user's access to portions
/// of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName},
/// ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
///
///
///
/// This policy applies only when the domain of ServerId is Amazon S3. Amazon
/// EFS does not use session policies.
///
///
///
/// For session policies, Transfer Family stores the policy as a JSON blob, instead of
/// the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and
/// pass it in the Policy argument.
///
///
///
/// For an example of a session policy, see Example
/// session policy.
///
///
///
/// For more information, see AssumeRole
/// in the Security Token Service API Reference.
///
///
///
[AWSProperty(Max=2048)]
public string Policy
{
get { return this._policy; }
set { this._policy = value; }
}
// Check to see if Policy property is set
internal bool IsSetPolicy()
{
return this._policy != null;
}
///
/// Gets and sets the property PosixProfile.
///
public PosixProfile PosixProfile
{
get { return this._posixProfile; }
set { this._posixProfile = value; }
}
// Check to see if PosixProfile property is set
internal bool IsSetPosixProfile()
{
return this._posixProfile != null;
}
///
/// Gets and sets the property Role.
///
/// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that
/// controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The
/// policies attached to this role determine the level of access that you want to provide
/// your users when transferring files into and out of your Amazon S3 bucket or Amazon
/// EFS file system. The IAM role should also contain a trust relationship that allows
/// the server to access your resources when servicing your users' transfer requests.
///
///
[AWSProperty(Required=true, Min=20, Max=2048)]
public string Role
{
get { return this._role; }
set { this._role = value; }
}
// Check to see if Role property is set
internal bool IsSetRole()
{
return this._role != null;
}
///
/// Gets and sets the property ServerId.
///
/// A system-assigned unique identifier for a server instance. This is the specific server
/// that you added your user to.
///
///
[AWSProperty(Required=true, Min=19, Max=19)]
public string ServerId
{
get { return this._serverId; }
set { this._serverId = value; }
}
// Check to see if ServerId property is set
internal bool IsSetServerId()
{
return this._serverId != null;
}
}
}