/*******************************************************************************
* Copyright 2012-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use
* this file except in compliance with the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file.
* This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
* *****************************************************************************
*
* AWS Tools for Windows (TM) PowerShell (TM)
*
*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Management.Automation;
using System.Text;
using Amazon.PowerShell.Common;
using Amazon.Runtime;
using Amazon.Transfer;
using Amazon.Transfer.Model;
namespace Amazon.PowerShell.Cmdlets.TFR
{
///
/// Creates the connector, which captures the parameters for an outbound connection for
/// the AS2 or SFTP protocol. The connector is required for sending files to an externally
/// hosted AS2 or SFTP server. For more details about AS2 connectors, see Create
/// AS2 connectors.
///
///
/// You must specify exactly one configuration object: either for AS2 (As2Config)
/// or SFTP (SftpConfig).
///
///
[Cmdlet("New", "TFRConnector", SupportsShouldProcess = true, ConfirmImpact = ConfirmImpact.Medium)]
[OutputType("System.String")]
[AWSCmdlet("Calls the AWS Transfer for SFTP CreateConnector API operation.", Operation = new[] {"CreateConnector"}, SelectReturnType = typeof(Amazon.Transfer.Model.CreateConnectorResponse))]
[AWSCmdletOutput("System.String or Amazon.Transfer.Model.CreateConnectorResponse",
"This cmdlet returns a System.String object.",
"The service call response (type Amazon.Transfer.Model.CreateConnectorResponse) can also be referenced from properties attached to the cmdlet entry in the $AWSHistory stack."
)]
public partial class NewTFRConnectorCmdlet : AmazonTransferClientCmdlet, IExecutor
{
#region Parameter AccessRole
///
///
/// With AS2, you can send files by calling StartFileTransfer and specifying
/// the file paths in the request parameter, SendFilePaths. We use the file’s
/// parent directory (for example, for --send-file-paths /bucket/dir/file.txt,
/// parent directory is /bucket/dir/) to temporarily store a processed AS2
/// message file, store the MDN when we receive them from the partner, and write a final
/// JSON file containing relevant metadata of the transmission. So, the AccessRole
/// needs to provide read and write access to the parent directory of the file location
/// used in the StartFileTransfer request. Additionally, you need to provide
/// read and write access to the parent directory of the files that you intend to send
/// with StartFileTransfer.If you are using Basic authentication for your AS2 connector, the access role requires
/// the secretsmanager:GetSecretValue permission for the secret. If the secret
/// is encrypted using a customer-managed key instead of the Amazon Web Services managed
/// key in Secrets Manager, then the role also needs the kms:Decrypt permission
/// for that key.
///
///
#if !MODULAR
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
#else
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true, Mandatory = true)]
[System.Management.Automation.AllowEmptyString]
[System.Management.Automation.AllowNull]
#endif
[Amazon.PowerShell.Common.AWSRequiredParameter]
public System.String AccessRole { get; set; }
#endregion
#region Parameter As2Config_BasicAuthSecretId
///
///
/// Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication,
/// you must provide the name or Amazon Resource Name (ARN) of a secret in Secrets Manager.The default value for this parameter is null, which indicates that Basic
/// authentication is not enabled for the connector.If the connector should use Basic authentication, the secret needs to be in the following
/// format:{ "Username": "user-name", "Password": "user-password" }Replace user-name and user-password with the credentials
/// for the actual user that is being authenticated.Note the following:- You are storing these credentials in Secrets Manager, not passing them directly
/// into this API.
- If you are using the API, SDKs, or CloudFormation to configure your connector, then
/// you must create the secret before you can enable Basic authentication. However, if
/// you are using the Amazon Web Services management console, you can have the system
/// create the secret for you.
If you have previously enabled Basic authentication for a connector, you can disable
/// it by using the UpdateConnector API call. For example, if you are using
/// the CLI, you can run the following command to remove Basic authentication:update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=""'
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String As2Config_BasicAuthSecretId { get; set; }
#endregion
#region Parameter As2Config_Compression
///
///
/// Specifies whether the AS2 file is compressed.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.Transfer.CompressionEnum")]
public Amazon.Transfer.CompressionEnum As2Config_Compression { get; set; }
#endregion
#region Parameter As2Config_EncryptionAlgorithm
///
///
/// The algorithm that is used to encrypt the file.You can only specify NONE if the URL for your connector uses HTTPS. This
/// ensures that no traffic is sent in clear text.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.Transfer.EncryptionAlg")]
public Amazon.Transfer.EncryptionAlg As2Config_EncryptionAlgorithm { get; set; }
#endregion
#region Parameter As2Config_LocalProfileId
///
///
/// A unique identifier for the AS2 local profile.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String As2Config_LocalProfileId { get; set; }
#endregion
#region Parameter LoggingRole
///
///
/// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that
/// allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you
/// can view connector activity in your CloudWatch logs.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String LoggingRole { get; set; }
#endregion
#region Parameter As2Config_MdnResponse
///
///
/// Used for outbound requests (from an Transfer Family server to a partner AS2 server)
/// to determine whether the partner response for transfers is synchronous or asynchronous.
/// Specify either of the following values:SYNC: The system expects a synchronous MDN response, confirming that
/// the file was transferred successfully (or not).NONE: Specifies that no MDN response is required.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.Transfer.MdnResponse")]
public Amazon.Transfer.MdnResponse As2Config_MdnResponse { get; set; }
#endregion
#region Parameter As2Config_MdnSigningAlgorithm
///
///
/// The signing algorithm for the MDN response.If set to DEFAULT (or not set at all), the value for SigningAlgorithm
/// is used.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.Transfer.MdnSigningAlg")]
public Amazon.Transfer.MdnSigningAlg As2Config_MdnSigningAlgorithm { get; set; }
#endregion
#region Parameter As2Config_MessageSubject
///
///
/// Used as the Subject HTTP header attribute in AS2 messages that are being
/// sent with the connector.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String As2Config_MessageSubject { get; set; }
#endregion
#region Parameter As2Config_PartnerProfileId
///
///
/// A unique identifier for the partner profile for the connector.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String As2Config_PartnerProfileId { get; set; }
#endregion
#region Parameter As2Config_SigningAlgorithm
///
///
/// The algorithm that is used to sign the AS2 messages sent with the connector.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.Transfer.SigningAlg")]
public Amazon.Transfer.SigningAlg As2Config_SigningAlgorithm { get; set; }
#endregion
#region Parameter Tag
///
///
/// Key-value pairs that can be used to group and search for connectors. Tags are metadata
/// attached to connectors for any purpose.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[Alias("Tags")]
public Amazon.Transfer.Model.Tag[] Tag { get; set; }
#endregion
#region Parameter SftpConfig_TrustedHostKey
///
///
/// The public portion of the host key, or keys, that are used to authenticate the user
/// to the external server to which you are connecting. You can use the ssh-keyscan
/// command against the SFTP server to retrieve the necessary key.The three standard SSH public key format elements are <key type>,
/// <body base64>, and an optional <comment>, with
/// spaces between each element.For the trusted host key, Transfer Family accepts RSA and ECDSA keys.- For RSA keys, the key type is
ssh-rsa. - For ECDSA keys, the key type is either
ecdsa-sha2-nistp256, ecdsa-sha2-nistp384,
/// or ecdsa-sha2-nistp521, depending on the size of the key you generated.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[Alias("SftpConfig_TrustedHostKeys")]
public System.String[] SftpConfig_TrustedHostKey { get; set; }
#endregion
#region Parameter Url
///
///
/// The URL of the partner's AS2 or SFTP endpoint.
///
///
#if !MODULAR
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
#else
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true, Mandatory = true)]
[System.Management.Automation.AllowEmptyString]
[System.Management.Automation.AllowNull]
#endif
[Amazon.PowerShell.Common.AWSRequiredParameter]
public System.String Url { get; set; }
#endregion
#region Parameter SftpConfig_UserSecretId
///
///
/// The identifiers for the secrets (in Amazon Web Services Secrets Manager) that contain
/// the SFTP user's private keys or passwords.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String SftpConfig_UserSecretId { get; set; }
#endregion
#region Parameter Select
///
/// Use the -Select parameter to control the cmdlet output. The default value is 'ConnectorId'.
/// Specifying -Select '*' will result in the cmdlet returning the whole service response (Amazon.Transfer.Model.CreateConnectorResponse).
/// Specifying the name of a property of type Amazon.Transfer.Model.CreateConnectorResponse will result in that property being returned.
/// Specifying -Select '^ParameterName' will result in the cmdlet returning the selected cmdlet parameter value.
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public string Select { get; set; } = "ConnectorId";
#endregion
#region Parameter Force
///
/// This parameter overrides confirmation prompts to force
/// the cmdlet to continue its operation. This parameter should always
/// be used with caution.
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public SwitchParameter Force { get; set; }
#endregion
protected override void ProcessRecord()
{
this._AWSSignerType = "v4";
base.ProcessRecord();
var resourceIdentifiersText = string.Empty;
if (!ConfirmShouldProceed(this.Force.IsPresent, resourceIdentifiersText, "New-TFRConnector (CreateConnector)"))
{
return;
}
var context = new CmdletContext();
// allow for manipulation of parameters prior to loading into context
PreExecutionContextLoad(context);
if (ParameterWasBound(nameof(this.Select)))
{
context.Select = CreateSelectDelegate(Select) ??
throw new System.ArgumentException("Invalid value for -Select parameter.", nameof(this.Select));
}
context.AccessRole = this.AccessRole;
#if MODULAR
if (this.AccessRole == null && ParameterWasBound(nameof(this.AccessRole)))
{
WriteWarning("You are passing $null as a value for parameter AccessRole which is marked as required. In case you believe this parameter was incorrectly marked as required, report this by opening an issue at https://github.com/aws/aws-tools-for-powershell/issues.");
}
#endif
context.As2Config_BasicAuthSecretId = this.As2Config_BasicAuthSecretId;
context.As2Config_Compression = this.As2Config_Compression;
context.As2Config_EncryptionAlgorithm = this.As2Config_EncryptionAlgorithm;
context.As2Config_LocalProfileId = this.As2Config_LocalProfileId;
context.As2Config_MdnResponse = this.As2Config_MdnResponse;
context.As2Config_MdnSigningAlgorithm = this.As2Config_MdnSigningAlgorithm;
context.As2Config_MessageSubject = this.As2Config_MessageSubject;
context.As2Config_PartnerProfileId = this.As2Config_PartnerProfileId;
context.As2Config_SigningAlgorithm = this.As2Config_SigningAlgorithm;
context.LoggingRole = this.LoggingRole;
if (this.SftpConfig_TrustedHostKey != null)
{
context.SftpConfig_TrustedHostKey = new List(this.SftpConfig_TrustedHostKey);
}
context.SftpConfig_UserSecretId = this.SftpConfig_UserSecretId;
if (this.Tag != null)
{
context.Tag = new List(this.Tag);
}
context.Url = this.Url;
#if MODULAR
if (this.Url == null && ParameterWasBound(nameof(this.Url)))
{
WriteWarning("You are passing $null as a value for parameter Url which is marked as required. In case you believe this parameter was incorrectly marked as required, report this by opening an issue at https://github.com/aws/aws-tools-for-powershell/issues.");
}
#endif
// allow further manipulation of loaded context prior to processing
PostExecutionContextLoad(context);
var output = Execute(context) as CmdletOutput;
ProcessOutput(output);
}
#region IExecutor Members
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
// create request
var request = new Amazon.Transfer.Model.CreateConnectorRequest();
if (cmdletContext.AccessRole != null)
{
request.AccessRole = cmdletContext.AccessRole;
}
// populate As2Config
var requestAs2ConfigIsNull = true;
request.As2Config = new Amazon.Transfer.Model.As2ConnectorConfig();
System.String requestAs2Config_as2Config_BasicAuthSecretId = null;
if (cmdletContext.As2Config_BasicAuthSecretId != null)
{
requestAs2Config_as2Config_BasicAuthSecretId = cmdletContext.As2Config_BasicAuthSecretId;
}
if (requestAs2Config_as2Config_BasicAuthSecretId != null)
{
request.As2Config.BasicAuthSecretId = requestAs2Config_as2Config_BasicAuthSecretId;
requestAs2ConfigIsNull = false;
}
Amazon.Transfer.CompressionEnum requestAs2Config_as2Config_Compression = null;
if (cmdletContext.As2Config_Compression != null)
{
requestAs2Config_as2Config_Compression = cmdletContext.As2Config_Compression;
}
if (requestAs2Config_as2Config_Compression != null)
{
request.As2Config.Compression = requestAs2Config_as2Config_Compression;
requestAs2ConfigIsNull = false;
}
Amazon.Transfer.EncryptionAlg requestAs2Config_as2Config_EncryptionAlgorithm = null;
if (cmdletContext.As2Config_EncryptionAlgorithm != null)
{
requestAs2Config_as2Config_EncryptionAlgorithm = cmdletContext.As2Config_EncryptionAlgorithm;
}
if (requestAs2Config_as2Config_EncryptionAlgorithm != null)
{
request.As2Config.EncryptionAlgorithm = requestAs2Config_as2Config_EncryptionAlgorithm;
requestAs2ConfigIsNull = false;
}
System.String requestAs2Config_as2Config_LocalProfileId = null;
if (cmdletContext.As2Config_LocalProfileId != null)
{
requestAs2Config_as2Config_LocalProfileId = cmdletContext.As2Config_LocalProfileId;
}
if (requestAs2Config_as2Config_LocalProfileId != null)
{
request.As2Config.LocalProfileId = requestAs2Config_as2Config_LocalProfileId;
requestAs2ConfigIsNull = false;
}
Amazon.Transfer.MdnResponse requestAs2Config_as2Config_MdnResponse = null;
if (cmdletContext.As2Config_MdnResponse != null)
{
requestAs2Config_as2Config_MdnResponse = cmdletContext.As2Config_MdnResponse;
}
if (requestAs2Config_as2Config_MdnResponse != null)
{
request.As2Config.MdnResponse = requestAs2Config_as2Config_MdnResponse;
requestAs2ConfigIsNull = false;
}
Amazon.Transfer.MdnSigningAlg requestAs2Config_as2Config_MdnSigningAlgorithm = null;
if (cmdletContext.As2Config_MdnSigningAlgorithm != null)
{
requestAs2Config_as2Config_MdnSigningAlgorithm = cmdletContext.As2Config_MdnSigningAlgorithm;
}
if (requestAs2Config_as2Config_MdnSigningAlgorithm != null)
{
request.As2Config.MdnSigningAlgorithm = requestAs2Config_as2Config_MdnSigningAlgorithm;
requestAs2ConfigIsNull = false;
}
System.String requestAs2Config_as2Config_MessageSubject = null;
if (cmdletContext.As2Config_MessageSubject != null)
{
requestAs2Config_as2Config_MessageSubject = cmdletContext.As2Config_MessageSubject;
}
if (requestAs2Config_as2Config_MessageSubject != null)
{
request.As2Config.MessageSubject = requestAs2Config_as2Config_MessageSubject;
requestAs2ConfigIsNull = false;
}
System.String requestAs2Config_as2Config_PartnerProfileId = null;
if (cmdletContext.As2Config_PartnerProfileId != null)
{
requestAs2Config_as2Config_PartnerProfileId = cmdletContext.As2Config_PartnerProfileId;
}
if (requestAs2Config_as2Config_PartnerProfileId != null)
{
request.As2Config.PartnerProfileId = requestAs2Config_as2Config_PartnerProfileId;
requestAs2ConfigIsNull = false;
}
Amazon.Transfer.SigningAlg requestAs2Config_as2Config_SigningAlgorithm = null;
if (cmdletContext.As2Config_SigningAlgorithm != null)
{
requestAs2Config_as2Config_SigningAlgorithm = cmdletContext.As2Config_SigningAlgorithm;
}
if (requestAs2Config_as2Config_SigningAlgorithm != null)
{
request.As2Config.SigningAlgorithm = requestAs2Config_as2Config_SigningAlgorithm;
requestAs2ConfigIsNull = false;
}
// determine if request.As2Config should be set to null
if (requestAs2ConfigIsNull)
{
request.As2Config = null;
}
if (cmdletContext.LoggingRole != null)
{
request.LoggingRole = cmdletContext.LoggingRole;
}
// populate SftpConfig
var requestSftpConfigIsNull = true;
request.SftpConfig = new Amazon.Transfer.Model.SftpConnectorConfig();
List requestSftpConfig_sftpConfig_TrustedHostKey = null;
if (cmdletContext.SftpConfig_TrustedHostKey != null)
{
requestSftpConfig_sftpConfig_TrustedHostKey = cmdletContext.SftpConfig_TrustedHostKey;
}
if (requestSftpConfig_sftpConfig_TrustedHostKey != null)
{
request.SftpConfig.TrustedHostKeys = requestSftpConfig_sftpConfig_TrustedHostKey;
requestSftpConfigIsNull = false;
}
System.String requestSftpConfig_sftpConfig_UserSecretId = null;
if (cmdletContext.SftpConfig_UserSecretId != null)
{
requestSftpConfig_sftpConfig_UserSecretId = cmdletContext.SftpConfig_UserSecretId;
}
if (requestSftpConfig_sftpConfig_UserSecretId != null)
{
request.SftpConfig.UserSecretId = requestSftpConfig_sftpConfig_UserSecretId;
requestSftpConfigIsNull = false;
}
// determine if request.SftpConfig should be set to null
if (requestSftpConfigIsNull)
{
request.SftpConfig = null;
}
if (cmdletContext.Tag != null)
{
request.Tags = cmdletContext.Tag;
}
if (cmdletContext.Url != null)
{
request.Url = cmdletContext.Url;
}
CmdletOutput output;
// issue call
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
pipelineOutput = cmdletContext.Select(response, this);
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
}
catch (Exception e)
{
output = new CmdletOutput { ErrorResponse = e };
}
return output;
}
public ExecutorContext CreateContext()
{
return new CmdletContext();
}
#endregion
#region AWS Service Operation Call
private Amazon.Transfer.Model.CreateConnectorResponse CallAWSServiceOperation(IAmazonTransfer client, Amazon.Transfer.Model.CreateConnectorRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Transfer for SFTP", "CreateConnector");
try
{
#if DESKTOP
return client.CreateConnector(request);
#elif CORECLR
return client.CreateConnectorAsync(request).GetAwaiter().GetResult();
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
#endregion
internal partial class CmdletContext : ExecutorContext
{
public System.String AccessRole { get; set; }
public System.String As2Config_BasicAuthSecretId { get; set; }
public Amazon.Transfer.CompressionEnum As2Config_Compression { get; set; }
public Amazon.Transfer.EncryptionAlg As2Config_EncryptionAlgorithm { get; set; }
public System.String As2Config_LocalProfileId { get; set; }
public Amazon.Transfer.MdnResponse As2Config_MdnResponse { get; set; }
public Amazon.Transfer.MdnSigningAlg As2Config_MdnSigningAlgorithm { get; set; }
public System.String As2Config_MessageSubject { get; set; }
public System.String As2Config_PartnerProfileId { get; set; }
public Amazon.Transfer.SigningAlg As2Config_SigningAlgorithm { get; set; }
public System.String LoggingRole { get; set; }
public List SftpConfig_TrustedHostKey { get; set; }
public System.String SftpConfig_UserSecretId { get; set; }
public List Tag { get; set; }
public System.String Url { get; set; }
public System.Func Select { get; set; } =
(response, cmdlet) => response.ConnectorId;
}
}
}