From c4eb11d1cc87130ee86f47e68207531e6241c13d Mon Sep 17 00:00:00 2001 From: awstools Date: Fri, 3 May 2024 18:19:47 +0000 Subject: [PATCH] docs(client-datasync): Updated guidance on using private or self-signed certificate authorities (CAs) with AWS DataSync object storage locations. --- .../UpdateLocationObjectStorageCommand.ts | 6 +- .../client-datasync/src/models/models_0.ts | 63 +++++++++++++------ codegen/sdk-codegen/aws-models/datasync.json | 10 +-- 3 files changed, 51 insertions(+), 28 deletions(-) diff --git a/clients/client-datasync/src/commands/UpdateLocationObjectStorageCommand.ts b/clients/client-datasync/src/commands/UpdateLocationObjectStorageCommand.ts index 988c54809bcda..e3e4dce940ce6 100644 --- a/clients/client-datasync/src/commands/UpdateLocationObjectStorageCommand.ts +++ b/clients/client-datasync/src/commands/UpdateLocationObjectStorageCommand.ts @@ -33,10 +33,8 @@ export interface UpdateLocationObjectStorageCommandOutput __MetadataBearer {} /** - *

Updates some parameters of an existing object storage location that DataSync - * accesses for a transfer. For information about creating a self-managed object storage - * location, see Creating a location for object - * storage.

+ *

Updates some parameters of an existing DataSync location for an object + * storage system.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-datasync/src/models/models_0.ts b/clients/client-datasync/src/models/models_0.ts index 6dc43120b4741..63a6350e35ecc 100644 --- a/clients/client-datasync/src/models/models_0.ts +++ b/clients/client-datasync/src/models/models_0.ts @@ -1470,24 +1470,29 @@ export interface CreateLocationObjectStorageRequest { Tags?: TagListEntry[]; /** - *

Specifies a file with the certificates that are used to sign the object storage server's - * certificate (for example, file:///home/user/.ssh/storage_sys_certificate.pem). - * The file you specify must include the following:

+ *

Specifies a certificate chain for DataSync to authenticate with your object + * storage system if the system uses a private or self-signed certificate authority (CA). You + * must specify a single .pem file with a full certificate chain (for example, + * file:///home/user/.ssh/object_storage_certificates.pem).

+ *

The certificate chain might include:

* - *

The file can be up to 32768 bytes (before base64 encoding).

+ *

You can concatenate your certificates into a .pem file (which can be up to + * 32768 bytes before base64 encoding). The following example cat command creates an + * object_storage_certificates.pem file that includes three certificates:

+ *

+ * cat object_server_certificate.pem intermediate_certificate.pem + * ca_root_certificate.pem > object_storage_certificates.pem + *

*

To use this parameter, configure ServerProtocol to HTTPS.

* @public */ @@ -2440,8 +2445,9 @@ export interface TaskSchedule { /** *

Specifies whether to enable or disable your task schedule. Your schedule is enabled by - * default, but there can be situations where you need to disable it. For example, - * you might need to pause a recurring transfer or fix an issue with your task or perform maintenance on your storage system.

+ * default, but there can be situations where you need to disable it. For example, you might need + * to pause a recurring transfer to fix an issue with your task or perform maintenance on your + * storage system.

*

DataSync might disable your schedule automatically if your task fails repeatedly * with the same error. For more information, see TaskScheduleDetails.

* @public @@ -3529,8 +3535,8 @@ export interface DescribeLocationObjectStorageResponse { CreationTime?: Date; /** - *

The self-signed certificate that DataSync uses to securely authenticate with - * your object storage system.

+ *

The certificate chain for DataSync to authenticate with your object storage + * system if the system uses a private or self-signed certificate authority (CA).

* @public */ ServerCertificate?: Uint8Array; @@ -6122,12 +6128,31 @@ export interface UpdateLocationObjectStorageRequest { AgentArns?: string[]; /** - *

Specifies a certificate to authenticate with an object storage system that uses a private - * or self-signed certificate authority (CA). You must specify a Base64-encoded .pem - * file (for example, file:///home/user/.ssh/storage_sys_certificate.pem). The - * certificate can be up to 32768 bytes (before Base64 encoding).

+ *

Specifies a certificate chain for DataSync to authenticate with your object + * storage system if the system uses a private or self-signed certificate authority (CA). You + * must specify a single .pem file with a full certificate chain (for example, + * file:///home/user/.ssh/object_storage_certificates.pem).

+ *

The certificate chain might include:

+ * + *

You can concatenate your certificates into a .pem file (which can be up to + * 32768 bytes before base64 encoding). The following example cat command creates an + * object_storage_certificates.pem file that includes three certificates:

+ *

+ * cat object_server_certificate.pem intermediate_certificate.pem + * ca_root_certificate.pem > object_storage_certificates.pem + *

*

To use this parameter, configure ServerProtocol to HTTPS.

- *

Updating the certificate doesn't interfere with tasks that you have in progress.

+ *

Updating this parameter doesn't interfere with tasks that you have in progress.

* @public */ ServerCertificate?: Uint8Array; diff --git a/codegen/sdk-codegen/aws-models/datasync.json b/codegen/sdk-codegen/aws-models/datasync.json index ed1af5fe0b7c2..c07f471e39a23 100644 --- a/codegen/sdk-codegen/aws-models/datasync.json +++ b/codegen/sdk-codegen/aws-models/datasync.json @@ -1276,7 +1276,7 @@ "ServerCertificate": { "target": "com.amazonaws.datasync#ObjectStorageCertificate", "traits": { - "smithy.api#documentation": "

Specifies a file with the certificates that are used to sign the object storage server's\n certificate (for example, file:///home/user/.ssh/storage_sys_certificate.pem).\n The file you specify must include the following:

\n \n

The file can be up to 32768 bytes (before base64 encoding).

\n

To use this parameter, configure ServerProtocol to HTTPS.

" + "smithy.api#documentation": "

Specifies a certificate chain for DataSync to authenticate with your object\n storage system if the system uses a private or self-signed certificate authority (CA). You\n must specify a single .pem file with a full certificate chain (for example,\n file:///home/user/.ssh/object_storage_certificates.pem).

\n

The certificate chain might include:

\n \n

You can concatenate your certificates into a .pem file (which can be up to\n 32768 bytes before base64 encoding). The following example cat command creates an\n object_storage_certificates.pem file that includes three certificates:

\n

\n cat object_server_certificate.pem intermediate_certificate.pem\n ca_root_certificate.pem > object_storage_certificates.pem\n

\n

To use this parameter, configure ServerProtocol to HTTPS.

" } } }, @@ -2657,7 +2657,7 @@ "ServerCertificate": { "target": "com.amazonaws.datasync#ObjectStorageCertificate", "traits": { - "smithy.api#documentation": "

The self-signed certificate that DataSync uses to securely authenticate with\n your object storage system.

" + "smithy.api#documentation": "

The certificate chain for DataSync to authenticate with your object storage\n system if the system uses a private or self-signed certificate authority (CA).

" } } }, @@ -8723,7 +8723,7 @@ "Status": { "target": "com.amazonaws.datasync#ScheduleStatus", "traits": { - "smithy.api#documentation": "

Specifies whether to enable or disable your task schedule. Your schedule is enabled by\n default, but there can be situations where you need to disable it. For example,\n you might need to pause a recurring transfer or fix an issue with your task or perform maintenance on your storage system.

\n

DataSync might disable your schedule automatically if your task fails repeatedly\n with the same error. For more information, see TaskScheduleDetails.

" + "smithy.api#documentation": "

Specifies whether to enable or disable your task schedule. Your schedule is enabled by\n default, but there can be situations where you need to disable it. For example, you might need\n to pause a recurring transfer to fix an issue with your task or perform maintenance on your\n storage system.

\n

DataSync might disable your schedule automatically if your task fails repeatedly\n with the same error. For more information, see TaskScheduleDetails.

" } } }, @@ -9290,7 +9290,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates some parameters of an existing object storage location that DataSync\n accesses for a transfer. For information about creating a self-managed object storage\n location, see Creating a location for object\n storage.

" + "smithy.api#documentation": "

Updates some parameters of an existing DataSync location for an object\n storage system.

" } }, "com.amazonaws.datasync#UpdateLocationObjectStorageRequest": { @@ -9342,7 +9342,7 @@ "ServerCertificate": { "target": "com.amazonaws.datasync#ObjectStorageCertificate", "traits": { - "smithy.api#documentation": "

Specifies a certificate to authenticate with an object storage system that uses a private\n or self-signed certificate authority (CA). You must specify a Base64-encoded .pem\n file (for example, file:///home/user/.ssh/storage_sys_certificate.pem). The\n certificate can be up to 32768 bytes (before Base64 encoding).

\n

To use this parameter, configure ServerProtocol to HTTPS.

\n

Updating the certificate doesn't interfere with tasks that you have in progress.

" + "smithy.api#documentation": "

Specifies a certificate chain for DataSync to authenticate with your object\n storage system if the system uses a private or self-signed certificate authority (CA). You\n must specify a single .pem file with a full certificate chain (for example,\n file:///home/user/.ssh/object_storage_certificates.pem).

\n

The certificate chain might include:

\n \n

You can concatenate your certificates into a .pem file (which can be up to\n 32768 bytes before base64 encoding). The following example cat command creates an\n object_storage_certificates.pem file that includes three certificates:

\n

\n cat object_server_certificate.pem intermediate_certificate.pem\n ca_root_certificate.pem > object_storage_certificates.pem\n

\n

To use this parameter, configure ServerProtocol to HTTPS.

\n

Updating this parameter doesn't interfere with tasks that you have in progress.

" } } },