Skip to content

Commit

Permalink
docs(client-datasync): Updated guidance on using private or self-sign…
Browse files Browse the repository at this point in the history 
…ed certificate authorities (CAs) with AWS DataSync object storage locations.
  • Loading branch information
awstools committed May 3, 2024
1 parent c97f84a commit c4eb11d
Show file tree
Hide file tree
Showing 3 changed files with 51 additions and 28 deletions.
6 changes: 2 additions & 4 deletions clients/client-datasync/src/commands/UpdateLocationObjectStorageCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,8 @@ export interface UpdateLocationObjectStorageCommandOutput
__MetadataBearer {}

/**
* <p>Updates some parameters of an existing object storage location that DataSync
* accesses for a transfer. For information about creating a self-managed object storage
* location, see <a href="https://docs.aws.amazon.com/datasync/latest/userguide/create-object-location.html">Creating a location for object
* storage</a>.</p>
* <p>Updates some parameters of an existing DataSync location for an object
* storage system.</p>
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
Expand Down
63 changes: 44 additions & 19 deletions clients/client-datasync/src/models/models_0.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1470,24 +1470,29 @@ export interface CreateLocationObjectStorageRequest {
Tags?: TagListEntry[];

/**
* <p>Specifies a file with the certificates that are used to sign the object storage server's
* certificate (for example, <code>file:///home/user/.ssh/storage_sys_certificate.pem</code>).
* The file you specify must include the following:</p>
* <p>Specifies a certificate chain for DataSync to authenticate with your object
* storage system if the system uses a private or self-signed certificate authority (CA). You
* must specify a single <code>.pem</code> file with a full certificate chain (for example,
* <code>file:///home/user/.ssh/object_storage_certificates.pem</code>).</p>
* <p>The certificate chain might include:</p>
* <ul>
* <li>
* <p>The certificate of the signing certificate authority (CA)</p>
* <p>The object storage system's certificate</p>
* </li>
* <li>
* <p>Any intermediate certificates</p>
* <p>All intermediate certificates (if there are any)</p>
* </li>
* <li>
* <p>base64 encoding</p>
* </li>
* <li>
* <p>A <code>.pem</code> extension</p>
* <p>The root certificate of the signing CA</p>
* </li>
* </ul>
* <p>The file can be up to 32768 bytes (before base64 encoding).</p>
* <p>You can concatenate your certificates into a <code>.pem</code> file (which can be up to
* 32768 bytes before base64 encoding). The following example <code>cat</code> command creates an
* <code>object_storage_certificates.pem</code> file that includes three certificates:</p>
* <p>
* <code>cat object_server_certificate.pem intermediate_certificate.pem
* ca_root_certificate.pem > object_storage_certificates.pem</code>
* </p>
* <p>To use this parameter, configure <code>ServerProtocol</code> to <code>HTTPS</code>.</p>
* @public
*/
Expand Down Expand Up @@ -2440,8 +2445,9 @@ export interface TaskSchedule {

/**
* <p>Specifies whether to enable or disable your task schedule. Your schedule is enabled by
* default, but there can be situations where you need to disable it. For example,
* you might need to pause a recurring transfer or fix an issue with your task or perform maintenance on your storage system.</p>
* default, but there can be situations where you need to disable it. For example, you might need
* to pause a recurring transfer to fix an issue with your task or perform maintenance on your
* storage system.</p>
* <p>DataSync might disable your schedule automatically if your task fails repeatedly
* with the same error. For more information, see <a href="https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html">TaskScheduleDetails</a>.</p>
* @public
Expand Down Expand Up @@ -3529,8 +3535,8 @@ export interface DescribeLocationObjectStorageResponse {
CreationTime?: Date;

/**
* <p>The self-signed certificate that DataSync uses to securely authenticate with
* your object storage system.</p>
* <p>The certificate chain for DataSync to authenticate with your object storage
* system if the system uses a private or self-signed certificate authority (CA).</p>
* @public
*/
ServerCertificate?: Uint8Array;
Expand Down Expand Up @@ -6122,12 +6128,31 @@ export interface UpdateLocationObjectStorageRequest {
AgentArns?: string[];

/**
* <p>Specifies a certificate to authenticate with an object storage system that uses a private
* or self-signed certificate authority (CA). You must specify a Base64-encoded <code>.pem</code>
* file (for example, <code>file:///home/user/.ssh/storage_sys_certificate.pem</code>). The
* certificate can be up to 32768 bytes (before Base64 encoding).</p>
* <p>Specifies a certificate chain for DataSync to authenticate with your object
* storage system if the system uses a private or self-signed certificate authority (CA). You
* must specify a single <code>.pem</code> file with a full certificate chain (for example,
* <code>file:///home/user/.ssh/object_storage_certificates.pem</code>).</p>
* <p>The certificate chain might include:</p>
* <ul>
* <li>
* <p>The object storage system's certificate</p>
* </li>
* <li>
* <p>All intermediate certificates (if there are any)</p>
* </li>
* <li>
* <p>The root certificate of the signing CA</p>
* </li>
* </ul>
* <p>You can concatenate your certificates into a <code>.pem</code> file (which can be up to
* 32768 bytes before base64 encoding). The following example <code>cat</code> command creates an
* <code>object_storage_certificates.pem</code> file that includes three certificates:</p>
* <p>
* <code>cat object_server_certificate.pem intermediate_certificate.pem
* ca_root_certificate.pem > object_storage_certificates.pem</code>
* </p>
* <p>To use this parameter, configure <code>ServerProtocol</code> to <code>HTTPS</code>.</p>
* <p>Updating the certificate doesn't interfere with tasks that you have in progress.</p>
* <p>Updating this parameter doesn't interfere with tasks that you have in progress.</p>
* @public
*/
ServerCertificate?: Uint8Array;
Expand Down
10 changes: 5 additions & 5 deletions codegen/sdk-codegen/aws-models/datasync.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1276,7 +1276,7 @@
"ServerCertificate": {
"target": "com.amazonaws.datasync#ObjectStorageCertificate",
"traits": {
"smithy.api#documentation": "<p>Specifies a file with the certificates that are used to sign the object storage server's\n certificate (for example, <code>file:///home/user/.ssh/storage_sys_certificate.pem</code>).\n The file you specify must include the following:</p>\n <ul>\n <li>\n <p>The certificate of the signing certificate authority (CA)</p>\n </li>\n <li>\n <p>Any intermediate certificates</p>\n </li>\n <li>\n <p>base64 encoding</p>\n </li>\n <li>\n <p>A <code>.pem</code> extension</p>\n </li>\n </ul>\n <p>The file can be up to 32768 bytes (before base64 encoding).</p>\n <p>To use this parameter, configure <code>ServerProtocol</code> to <code>HTTPS</code>.</p>"
"smithy.api#documentation": "<p>Specifies a certificate chain for DataSync to authenticate with your object\n storage system if the system uses a private or self-signed certificate authority (CA). You\n must specify a single <code>.pem</code> file with a full certificate chain (for example,\n <code>file:///home/user/.ssh/object_storage_certificates.pem</code>).</p>\n <p>The certificate chain might include:</p>\n <ul>\n <li>\n <p>The object storage system's certificate</p>\n </li>\n <li>\n <p>All intermediate certificates (if there are any)</p>\n </li>\n <li>\n <p>The root certificate of the signing CA</p>\n </li>\n </ul>\n <p>You can concatenate your certificates into a <code>.pem</code> file (which can be up to\n 32768 bytes before base64 encoding). The following example <code>cat</code> command creates an\n <code>object_storage_certificates.pem</code> file that includes three certificates:</p>\n <p>\n <code>cat object_server_certificate.pem intermediate_certificate.pem\n ca_root_certificate.pem > object_storage_certificates.pem</code>\n </p>\n <p>To use this parameter, configure <code>ServerProtocol</code> to <code>HTTPS</code>.</p>"
}
}
},
Expand Down Expand Up @@ -2657,7 +2657,7 @@
"ServerCertificate": {
"target": "com.amazonaws.datasync#ObjectStorageCertificate",
"traits": {
"smithy.api#documentation": "<p>The self-signed certificate that DataSync uses to securely authenticate with\n your object storage system.</p>"
"smithy.api#documentation": "<p>The certificate chain for DataSync to authenticate with your object storage\n system if the system uses a private or self-signed certificate authority (CA).</p>"
}
}
},
Expand Down Expand Up @@ -8723,7 +8723,7 @@
"Status": {
"target": "com.amazonaws.datasync#ScheduleStatus",
"traits": {
"smithy.api#documentation": "<p>Specifies whether to enable or disable your task schedule. Your schedule is enabled by\n default, but there can be situations where you need to disable it. For example,\n you might need to pause a recurring transfer or fix an issue with your task or perform maintenance on your storage system.</p>\n <p>DataSync might disable your schedule automatically if your task fails repeatedly\n with the same error. For more information, see <a href=\"https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html\">TaskScheduleDetails</a>.</p>"
"smithy.api#documentation": "<p>Specifies whether to enable or disable your task schedule. Your schedule is enabled by\n default, but there can be situations where you need to disable it. For example, you might need\n to pause a recurring transfer to fix an issue with your task or perform maintenance on your\n storage system.</p>\n <p>DataSync might disable your schedule automatically if your task fails repeatedly\n with the same error. For more information, see <a href=\"https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html\">TaskScheduleDetails</a>.</p>"
}
}
},
Expand Down Expand Up @@ -9290,7 +9290,7 @@
}
],
"traits": {
"smithy.api#documentation": "<p>Updates some parameters of an existing object storage location that DataSync\n accesses for a transfer. For information about creating a self-managed object storage\n location, see <a href=\"https://docs.aws.amazon.com/datasync/latest/userguide/create-object-location.html\">Creating a location for object\n storage</a>.</p>"
"smithy.api#documentation": "<p>Updates some parameters of an existing DataSync location for an object\n storage system.</p>"
}
},
"com.amazonaws.datasync#UpdateLocationObjectStorageRequest": {
Expand Down Expand Up @@ -9342,7 +9342,7 @@
"ServerCertificate": {
"target": "com.amazonaws.datasync#ObjectStorageCertificate",
"traits": {
"smithy.api#documentation": "<p>Specifies a certificate to authenticate with an object storage system that uses a private\n or self-signed certificate authority (CA). You must specify a Base64-encoded <code>.pem</code>\n file (for example, <code>file:///home/user/.ssh/storage_sys_certificate.pem</code>). The\n certificate can be up to 32768 bytes (before Base64 encoding).</p>\n <p>To use this parameter, configure <code>ServerProtocol</code> to <code>HTTPS</code>.</p>\n <p>Updating the certificate doesn't interfere with tasks that you have in progress.</p>"
"smithy.api#documentation": "<p>Specifies a certificate chain for DataSync to authenticate with your object\n storage system if the system uses a private or self-signed certificate authority (CA). You\n must specify a single <code>.pem</code> file with a full certificate chain (for example,\n <code>file:///home/user/.ssh/object_storage_certificates.pem</code>).</p>\n <p>The certificate chain might include:</p>\n <ul>\n <li>\n <p>The object storage system's certificate</p>\n </li>\n <li>\n <p>All intermediate certificates (if there are any)</p>\n </li>\n <li>\n <p>The root certificate of the signing CA</p>\n </li>\n </ul>\n <p>You can concatenate your certificates into a <code>.pem</code> file (which can be up to\n 32768 bytes before base64 encoding). The following example <code>cat</code> command creates an\n <code>object_storage_certificates.pem</code> file that includes three certificates:</p>\n <p>\n <code>cat object_server_certificate.pem intermediate_certificate.pem\n ca_root_certificate.pem > object_storage_certificates.pem</code>\n </p>\n <p>To use this parameter, configure <code>ServerProtocol</code> to <code>HTTPS</code>.</p>\n <p>Updating this parameter doesn't interfere with tasks that you have in progress.</p>"
}
}
},
Expand Down

0 comments on commit c4eb11d

Please sign in to comment.