This launch includes 2 enhancements to SFTP connectors user-experience: 1) Customers can self-serve concurrent connections setting for their connectors, and 2) Customers can discover the public host key of remote servers using their SFTP connectors.

Author: aws-sdk-dotnet-automation

generator/ServiceModels/transfer/transfer-2018-11-05.api.json

@@ -2957,6 +2957,11 @@
         "DIRECTORY"
       ]
     },
+    "MaxConcurrentConnections":{
+      "type":"integer",
+      "box":true,
+      "min":1
+    },
     "MaxItems":{
       "type":"integer",
       "box":true,
@@ -3383,9 +3388,21 @@
       "type":"structure",
       "members":{
         "UserSecretId":{"shape":"SecretId"},
-        "TrustedHostKeys":{"shape":"SftpConnectorTrustedHostKeyList"}
+        "TrustedHostKeys":{"shape":"SftpConnectorTrustedHostKeyList"},
+        "MaxConcurrentConnections":{"shape":"MaxConcurrentConnections"}
+      }
+    },
+    "SftpConnectorConnectionDetails":{
+      "type":"structure",
+      "members":{
+        "HostKey":{"shape":"SftpConnectorHostKey"}
       }
     },
+    "SftpConnectorHostKey":{
+      "type":"string",
+      "max":2048,
+      "min":1
+    },
     "SftpConnectorTrustedHostKey":{
       "type":"string",
       "max":2048,
@@ -3395,7 +3412,7 @@
       "type":"list",
       "member":{"shape":"SftpConnectorTrustedHostKey"},
       "max":10,
-      "min":1
+      "min":0
     },
     "SigningAlg":{
       "type":"string",
@@ -3642,7 +3659,8 @@
       "members":{
         "ConnectorId":{"shape":"ConnectorId"},
         "Status":{"shape":"Status"},
-        "StatusMessage":{"shape":"Message"}
+        "StatusMessage":{"shape":"Message"},
+        "SftpConnectionDetails":{"shape":"SftpConnectorConnectionDetails"}
       }
     },
     "TestIdentityProviderRequest":{

generator/ServiceModels/transfer/transfer-2018-11-05.docs.json

@@ -1433,6 +1433,12 @@
         "HomeDirectoryMapEntry$Type": "<p>Specifies the type of mapping. Set the type to <code>FILE</code> if you want the mapping to point to a file, or <code>DIRECTORY</code> for the directory to point to a directory.</p> <note> <p>By default, home directory mappings have a <code>Type</code> of <code>DIRECTORY</code> when you create a Transfer Family server. You would need to explicitly set <code>Type</code> to <code>FILE</code> if you want a mapping to have a file target.</p> </note>"
       }
     },
+    "MaxConcurrentConnections": {
+      "base": "<p>The number of concurrent connections that the connector will create to the remote server.</p>",
+      "refs": {
+        "SftpConnectorConfig$MaxConcurrentConnections": "<p>Specify the number of concurrent connections that your connector creates to the remote server. The default value is <code>5</code> (this is also the maximum value allowed).</p> <p>This parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.</p>"
+      }
+    },
     "MaxItems": {
       "base": null,
       "refs": {
@@ -1834,7 +1840,7 @@
     "SecretId": {
       "base": null,
       "refs": {
-        "SftpConnectorConfig$UserSecretId": "<p>The identifier for the secret (in Amazon Web Services Secrets Manager) that contains the SFTP user's private key, password, or both. The identifier must be the Amazon Resource Name (ARN) of the secret.</p>"
+        "SftpConnectorConfig$UserSecretId": "<p>The identifier for the secret (in Amazon Web Services Secrets Manager) that contains the SFTP user's private key, password, or both. The identifier must be the Amazon Resource Name (ARN) of the secret.</p> <note> <ul> <li> <p>Required when creating an SFTP connector</p> </li> <li> <p>Optional when updating an existing SFTP connector</p> </li> </ul> </note>"
       }
     },
     "SecurityGroupId": {
@@ -2013,13 +2019,25 @@
       }
     },
     "SftpConnectorConfig": {
-      "base": "<p>Contains the details for an SFTP connector object. The connector object is used for transferring files to and from a partner's SFTP server.</p> <note> <p>Because the <code>SftpConnectorConfig</code> data type is used for both creating and updating SFTP connectors, its parameters, <code>TrustedHostKeys</code> and <code>UserSecretId</code> are marked as not required. This is a bit misleading, as they are not required when you are updating an existing SFTP connector, but <i>are required</i> when you are creating a new SFTP connector.</p> </note>",
+      "base": "<p>Contains the details for an SFTP connector object. The connector object is used for transferring files to and from a partner's SFTP server.</p>",
       "refs": {
         "CreateConnectorRequest$SftpConfig": "<p>A structure that contains the parameters for an SFTP connector object.</p>",
         "DescribedConnector$SftpConfig": "<p>A structure that contains the parameters for an SFTP connector object.</p>",
         "UpdateConnectorRequest$SftpConfig": "<p>A structure that contains the parameters for an SFTP connector object.</p>"
       }
     },
+    "SftpConnectorConnectionDetails": {
+      "base": "<p>Contains the details for an SFTP connector connection.</p>",
+      "refs": {
+        "TestConnectionResponse$SftpConnectionDetails": "<p>Structure that contains the SFTP connector host key.</p>"
+      }
+    },
+    "SftpConnectorHostKey": {
+      "base": null,
+      "refs": {
+        "SftpConnectorConnectionDetails$HostKey": "<p>The SSH public key of the remote SFTP server. This is returned during the initial connection attempt when you call <code>TestConnection</code>. It allows you to retrieve the valid server host key to update the connector when you are unable to obtain it in advance.</p>"
+      }
+    },
     "SftpConnectorTrustedHostKey": {
       "base": null,
       "refs": {
@@ -2029,7 +2047,7 @@
     "SftpConnectorTrustedHostKeyList": {
       "base": null,
       "refs": {
-        "SftpConnectorConfig$TrustedHostKeys": "<p>The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the <code>ssh-keyscan</code> command against the SFTP server to retrieve the necessary key.</p> <p>The three standard SSH public key format elements are <code>&lt;key type&gt;</code>, <code>&lt;body base64&gt;</code>, and an optional <code>&lt;comment&gt;</code>, with spaces between each element. Specify only the <code>&lt;key type&gt;</code> and <code>&lt;body base64&gt;</code>: do not enter the <code>&lt;comment&gt;</code> portion of the key.</p> <p>For the trusted host key, Transfer Family accepts RSA and ECDSA keys.</p> <ul> <li> <p>For RSA keys, the <code>&lt;key type&gt;</code> string is <code>ssh-rsa</code>.</p> </li> <li> <p>For ECDSA keys, the <code>&lt;key type&gt;</code> string is either <code>ecdsa-sha2-nistp256</code>, <code>ecdsa-sha2-nistp384</code>, or <code>ecdsa-sha2-nistp521</code>, depending on the size of the key you generated.</p> </li> </ul> <p>Run this command to retrieve the SFTP server host key, where your SFTP server name is <code>ftp.host.com</code>.</p> <p> <code>ssh-keyscan ftp.host.com</code> </p> <p>This prints the public host key to standard output.</p> <p> <code>ftp.host.com ssh-rsa AAAAB3Nza...&lt;long-string-for-public-key</code> </p> <p>Copy and paste this string into the <code>TrustedHostKeys</code> field for the <code>create-connector</code> command or into the <b>Trusted host keys</b> field in the console.</p>"
+        "SftpConnectorConfig$TrustedHostKeys": "<p>The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the <code>ssh-keyscan</code> command against the SFTP server to retrieve the necessary key.</p> <note> <p> <code>TrustedHostKeys</code> is optional for <code>CreateConnector</code>. If not provided, you can use <code>TestConnection</code> to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key.</p> </note> <p>The three standard SSH public key format elements are <code>&lt;key type&gt;</code>, <code>&lt;body base64&gt;</code>, and an optional <code>&lt;comment&gt;</code>, with spaces between each element. Specify only the <code>&lt;key type&gt;</code> and <code>&lt;body base64&gt;</code>: do not enter the <code>&lt;comment&gt;</code> portion of the key.</p> <p>For the trusted host key, Transfer Family accepts RSA and ECDSA keys.</p> <ul> <li> <p>For RSA keys, the <code>&lt;key type&gt;</code> string is <code>ssh-rsa</code>.</p> </li> <li> <p>For ECDSA keys, the <code>&lt;key type&gt;</code> string is either <code>ecdsa-sha2-nistp256</code>, <code>ecdsa-sha2-nistp384</code>, or <code>ecdsa-sha2-nistp521</code>, depending on the size of the key you generated.</p> </li> </ul> <p>Run this command to retrieve the SFTP server host key, where your SFTP server name is <code>ftp.host.com</code>.</p> <p> <code>ssh-keyscan ftp.host.com</code> </p> <p>This prints the public host key to standard output.</p> <p> <code>ftp.host.com ssh-rsa AAAAB3Nza...&lt;long-string-for-public-key</code> </p> <p>Copy and paste this string into the <code>TrustedHostKeys</code> field for the <code>create-connector</code> command or into the <b>Trusted host keys</b> field in the console.</p>"
       }
     },
     "SigningAlg": {

generator/ServiceModels/transfer/transfer-2018-11-05.normal.json

@@ -4478,6 +4478,12 @@
         "DIRECTORY"
       ]
     },
+    "MaxConcurrentConnections":{
+      "type":"integer",
+      "documentation":"<p>The number of concurrent connections that the connector will create to the remote server.</p>",
+      "box":true,
+      "min":1
+    },
     "MaxItems":{
       "type":"integer",
       "box":true,
@@ -4979,14 +4985,33 @@
       "members":{
         "UserSecretId":{
           "shape":"SecretId",
-          "documentation":"<p>The identifier for the secret (in Amazon Web Services Secrets Manager) that contains the SFTP user's private key, password, or both. The identifier must be the Amazon Resource Name (ARN) of the secret.</p>"
+          "documentation":"<p>The identifier for the secret (in Amazon Web Services Secrets Manager) that contains the SFTP user's private key, password, or both. The identifier must be the Amazon Resource Name (ARN) of the secret.</p> <note> <ul> <li> <p>Required when creating an SFTP connector</p> </li> <li> <p>Optional when updating an existing SFTP connector</p> </li> </ul> </note>"
         },
         "TrustedHostKeys":{
           "shape":"SftpConnectorTrustedHostKeyList",
-          "documentation":"<p>The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the <code>ssh-keyscan</code> command against the SFTP server to retrieve the necessary key.</p> <p>The three standard SSH public key format elements are <code>&lt;key type&gt;</code>, <code>&lt;body base64&gt;</code>, and an optional <code>&lt;comment&gt;</code>, with spaces between each element. Specify only the <code>&lt;key type&gt;</code> and <code>&lt;body base64&gt;</code>: do not enter the <code>&lt;comment&gt;</code> portion of the key.</p> <p>For the trusted host key, Transfer Family accepts RSA and ECDSA keys.</p> <ul> <li> <p>For RSA keys, the <code>&lt;key type&gt;</code> string is <code>ssh-rsa</code>.</p> </li> <li> <p>For ECDSA keys, the <code>&lt;key type&gt;</code> string is either <code>ecdsa-sha2-nistp256</code>, <code>ecdsa-sha2-nistp384</code>, or <code>ecdsa-sha2-nistp521</code>, depending on the size of the key you generated.</p> </li> </ul> <p>Run this command to retrieve the SFTP server host key, where your SFTP server name is <code>ftp.host.com</code>.</p> <p> <code>ssh-keyscan ftp.host.com</code> </p> <p>This prints the public host key to standard output.</p> <p> <code>ftp.host.com ssh-rsa AAAAB3Nza...&lt;long-string-for-public-key</code> </p> <p>Copy and paste this string into the <code>TrustedHostKeys</code> field for the <code>create-connector</code> command or into the <b>Trusted host keys</b> field in the console.</p>"
+          "documentation":"<p>The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the <code>ssh-keyscan</code> command against the SFTP server to retrieve the necessary key.</p> <note> <p> <code>TrustedHostKeys</code> is optional for <code>CreateConnector</code>. If not provided, you can use <code>TestConnection</code> to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key.</p> </note> <p>The three standard SSH public key format elements are <code>&lt;key type&gt;</code>, <code>&lt;body base64&gt;</code>, and an optional <code>&lt;comment&gt;</code>, with spaces between each element. Specify only the <code>&lt;key type&gt;</code> and <code>&lt;body base64&gt;</code>: do not enter the <code>&lt;comment&gt;</code> portion of the key.</p> <p>For the trusted host key, Transfer Family accepts RSA and ECDSA keys.</p> <ul> <li> <p>For RSA keys, the <code>&lt;key type&gt;</code> string is <code>ssh-rsa</code>.</p> </li> <li> <p>For ECDSA keys, the <code>&lt;key type&gt;</code> string is either <code>ecdsa-sha2-nistp256</code>, <code>ecdsa-sha2-nistp384</code>, or <code>ecdsa-sha2-nistp521</code>, depending on the size of the key you generated.</p> </li> </ul> <p>Run this command to retrieve the SFTP server host key, where your SFTP server name is <code>ftp.host.com</code>.</p> <p> <code>ssh-keyscan ftp.host.com</code> </p> <p>This prints the public host key to standard output.</p> <p> <code>ftp.host.com ssh-rsa AAAAB3Nza...&lt;long-string-for-public-key</code> </p> <p>Copy and paste this string into the <code>TrustedHostKeys</code> field for the <code>create-connector</code> command or into the <b>Trusted host keys</b> field in the console.</p>"
+        },
+        "MaxConcurrentConnections":{
+          "shape":"MaxConcurrentConnections",
+          "documentation":"<p>Specify the number of concurrent connections that your connector creates to the remote server. The default value is <code>5</code> (this is also the maximum value allowed).</p> <p>This parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.</p>"
+        }
+      },
+      "documentation":"<p>Contains the details for an SFTP connector object. The connector object is used for transferring files to and from a partner's SFTP server.</p>"
+    },
+    "SftpConnectorConnectionDetails":{
+      "type":"structure",
+      "members":{
+        "HostKey":{
+          "shape":"SftpConnectorHostKey",
+          "documentation":"<p>The SSH public key of the remote SFTP server. This is returned during the initial connection attempt when you call <code>TestConnection</code>. It allows you to retrieve the valid server host key to update the connector when you are unable to obtain it in advance.</p>"
         }
       },
-      "documentation":"<p>Contains the details for an SFTP connector object. The connector object is used for transferring files to and from a partner's SFTP server.</p> <note> <p>Because the <code>SftpConnectorConfig</code> data type is used for both creating and updating SFTP connectors, its parameters, <code>TrustedHostKeys</code> and <code>UserSecretId</code> are marked as not required. This is a bit misleading, as they are not required when you are updating an existing SFTP connector, but <i>are required</i> when you are creating a new SFTP connector.</p> </note>"
+      "documentation":"<p>Contains the details for an SFTP connector connection.</p>"
+    },
+    "SftpConnectorHostKey":{
+      "type":"string",
+      "max":2048,
+      "min":1
     },
     "SftpConnectorTrustedHostKey":{
       "type":"string",
@@ -4997,7 +5022,7 @@
       "type":"list",
       "member":{"shape":"SftpConnectorTrustedHostKey"},
       "max":10,
-      "min":1
+      "min":0
     },
     "SigningAlg":{
       "type":"string",
@@ -5353,6 +5378,10 @@
         "StatusMessage":{
           "shape":"Message",
           "documentation":"<p>Returns <code>Connection succeeded</code> if the test is successful. Or, returns a descriptive error message if the test fails. The following list provides troubleshooting details, depending on the error message that you receive.</p> <ul> <li> <p>Verify that your secret name aligns with the one in Transfer Role permissions.</p> </li> <li> <p>Verify the server URL in the connector configuration , and verify that the login credentials work successfully outside of the connector.</p> </li> <li> <p>Verify that the secret exists and is formatted correctly.</p> </li> <li> <p>Verify that the trusted host key in the connector configuration matches the <code>ssh-keyscan</code> output.</p> </li> </ul>"
+        },
+        "SftpConnectionDetails":{
+          "shape":"SftpConnectorConnectionDetails",
+          "documentation":"<p>Structure that contains the SFTP connector host key.</p>"
         }
       }
     },

sdk/code-analysis/ServiceAnalysis/Transfer/Generated/PropertyValueRules.xml

@@ -2159,11 +2159,20 @@
     <max>256</max>
     <pattern>([\p{L}\p{Z}\p{N}_.:/=+\-@]*)</pattern>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.Transfer.Model.SftpConnectorConfig.MaxConcurrentConnections</property>
+    <min>1</min>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.Transfer.Model.SftpConnectorConfig.UserSecretId</property>
     <min>1</min>
     <max>2048</max>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.Transfer.Model.SftpConnectorConnectionDetails.HostKey</property>
+    <min>1</min>
+    <max>2048</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.Transfer.Model.SshPublicKey.SshPublicKeyBody</property>
     <min>0</min>

sdk/src/Services/Transfer/Generated/Model/Internal/MarshallTransformations/SftpConnectorConfigMarshaller.cs

@@ -48,6 +48,12 @@ public void Marshall(SftpConnectorConfig requestObject, JsonMarshallerContext co
         {
             if(requestObject == null)
                 return;
+            if(requestObject.IsSetMaxConcurrentConnections())
+            {
+                context.Writer.WritePropertyName("MaxConcurrentConnections");
+                context.Writer.Write(requestObject.MaxConcurrentConnections);
+            }
+
             if(requestObject.IsSetTrustedHostKeys())
             {
                 context.Writer.WritePropertyName("TrustedHostKeys");

sdk/src/Services/Transfer/Generated/Model/Internal/MarshallTransformations/SftpConnectorConfigUnmarshaller.cs

@@ -66,6 +66,12 @@ public SftpConnectorConfig Unmarshall(JsonUnmarshallerContext context)
             int targetDepth = context.CurrentDepth;
             while (context.ReadAtDepth(targetDepth))
             {
+                if (context.TestExpression("MaxConcurrentConnections", targetDepth))
+                {
+                    var unmarshaller = IntUnmarshaller.Instance;
+                    unmarshalledObject.MaxConcurrentConnections = unmarshaller.Unmarshall(context);
+                    continue;
+                }
                 if (context.TestExpression("TrustedHostKeys", targetDepth))
                 {
                     var unmarshaller = new ListUnmarshaller<string, StringUnmarshaller>(StringUnmarshaller.Instance);