### Example SFTP Connection Source: https://docs.aws.amazon.com/transfer/latest/userguide/workflow-decrypt-tutorial.md An example of the SFTP connection command, showing how to specify the private key file and the user@endpoint. ```bash sftp -i ~/.ssh/decrypt-user decrypt-user@s-11112222333344445.server.transfer.us-east-2.amazonaws.com ``` -------------------------------- ### AWS CLI Example for ListHostKeys Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_ListHostKeys.md This example demonstrates how to list host keys for a specific server using the AWS Command Line Interface. ```bash aws transfer list-host-keys --server-id s-1234567890abcdef0 ``` -------------------------------- ### Example VPC Endpoint Connection Source: https://docs.aws.amazon.com/transfer/latest/userguide/as2-example-tutorial.md An example of the curl command with sample values for connecting to a VPC endpoint. ```bash curl -vv -X POST http://vpce-0123456789abcdefg-fghij123.vpce-svc-11111aaaa2222bbbb.us-east-1.vpce.amazonaws.com:5080 ``` -------------------------------- ### Example ListServers Request Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_ListServers.md This example demonstrates how to call the ListServers API with specific parameters to retrieve a limited number of servers and a token for the next page of results. ```json { "MaxResults": 1, "NextToken": "token-from-previous-API-call" } ``` -------------------------------- ### StartRemoteMove CLI Example Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_StartRemoteMove.md This example demonstrates how to use the AWS CLI to move a file on the remote SFTP server. It specifies the connector ID, source path, and target path, and returns a Move ID. ```bash aws transfer --connector-id c-AAAA1111BBBB2222C start-remote-move \ --source-path /source/folder/sourceFile --target-path /destination/targetFile ``` -------------------------------- ### SFTP Server URL Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/sftp-connectors-tutorial.md Example URL for a Transfer Family SFTP server. Replace the placeholder with your actual server ID. ```text sftp://s-{{1111aaaa2222bbbb3}}.server.transfer.us-east-1.amazonaws.com ``` -------------------------------- ### SFTP Configuration File Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/create-sftp-connector-procedure.md Example of an SFTP configuration file (testSFTPConfig.json) containing the UserSecretId for SFTP credentials and TrustedHostKeys for server identification. The SecretId can be the full ARN or just the secret name. ```json // Listing for testSFTPConfig.json { "UserSecretId": "arn:aws::secretsmanager:{{us-east-2}}:{{123456789012}}:secret:aws/transfer/{{example-username-key}}", "TrustedHostKeys": [ "{{sftp.example.com ssh-rsa AAAAbbbb...EEEE=}}" ] } ``` -------------------------------- ### Example SFTP Connection and Lambda Event Output Source: https://docs.aws.amazon.com/transfer/latest/userguide/custom-lambda-idp.md This example shows how a user connects via SFTP and the resulting event message that would be logged by the Lambda function, demonstrating the captured username and password. ```bash sftp bobusa@server_hostname ``` ```text Enter password: mysecretpassword ``` ```json { "username": "bobusa", "password": "mysecretpassword", "protocol": "SFTP", "serverId": "s-abcd123456", "sourceIp": "192.168.0.100" } ``` -------------------------------- ### CreateWorkflow CLI Example Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_CreateWorkflow.md This example demonstrates how to create a workflow using the AWS CLI by specifying a description, workflow steps from a JSON file, and the desired region. ```APIDOC ## aws transfer create-workflow ### Description Creates a new workflow with specified steps and description. ### Method POST ### Endpoint / ### Parameters #### Query Parameters - **--description** (string) - Required - A description for the workflow. - **--steps** (string) - Required - The workflow steps, either as a JSON string or a file path (e.g., file://example-file.json). - **--region** (string) - Required - The AWS region to create the workflow in. ### Request Example ```bash aws transfer create-workflow --description "example workflow from a file" --steps file://example-file.json --region us-east-1 ``` ### Response #### Success Response (200) - **WorkflowId** (string) - The ID of the newly created workflow. #### Response Example ```json { "WorkflowId": "w-1234abcd5678efghi" } ``` ``` -------------------------------- ### Import SSH Public Key Response Example Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_ImportSshPublicKey.md Example of the JSON response returned after a successful import of an SSH public key. ```json { "ServerId": "s-021345abcdef6789", "SshPublicKeyId": "key-1234567890abcdef0", "UserName": "jane-doe" } ``` -------------------------------- ### Resource Configuration ARN Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/sftp-connectors-tutorial.md Example ARN for a VPC Lattice Resource Configuration. Replace placeholders with your account ID and resource configuration ID. ```text arn:aws:vpc-lattice:us-east-1:{{account-id}}:resourceconfiguration/rcfg-{{12345678}} ``` -------------------------------- ### CreateProfile CLI Example Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_CreateProfile.md An example of how to use the AWS CLI to create a profile. This command requires the AS2 ID and certificate IDs, which are obtained from previous operations like import-certificate. ```bash aws transfer create-profile --as2-id MYCORP --certificate-ids c-abcdefg123456hijk c-987654aaaa321bbbb ``` -------------------------------- ### SFTP Connector Directory Listing Completed Event Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/events-detail-reference.md This example shows a completed directory listing event from an SFTP connector, including details about the listing, remote path, and output file location. ```json { "version": "0", "id": "event-ID", "detail-type": "SFTP Connector Directory Listing Completed", "source": "aws.transfer", "account": "123456789012", "time": "2024-01-24T18:28:08Z", "region": "us-east-1", "resources": [ "arn:aws:transfer:us-east-1:123456789012:connector/c-f1111aaaa2222bbbb3" ], "detail": { "max-items": 10000, "connector-id": "c-fc68000012345aa18", "output-directory-path": "/amzn-s3-demo-bucket/example/file-listing-output", "listing-id": "123456-23aa-7980-abc1-1a2b3c4d5e", "url": "sftp://s-21a23456789012a.server.transfer.us-east-1.amazonaws.com", "status-code": "COMPLETED", "remote-directory-path": "/home", "item-count": 10000, "truncated": true, "start-timestamp": "2024-01-24T18:28:07.632388Z", "end-timestamp": "2024-01-24T18:28:07.774898Z", "output-file-location": { "domain": "S3", "bucket": "amzn-s3-demo-bucket", "key": "c-fc1ab90fd0d047e7a-70987273-49nn-4006-bab1-1a7290cc412ba.json" } } } ``` -------------------------------- ### Example ssh-keygen Output Source: https://docs.aws.amazon.com/transfer/latest/userguide/macOS-linux-unix-ssh.md This is an example of the output you will see when running the `ssh-keygen` command to generate an RSA 4096-bit key pair. It shows the prompts for passphrase entry and confirmation of key pair generation. ```bash ssh-keygen -t rsa -b 4096 -f key_name Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in key_name. Your public key has been saved in key_name.pub. The key fingerprint is: SHA256:8tDDwPmanTFcEzjTwPGETVWOGW1nVz+gtCCE8hL7PrQ bob.amazon.com The key's randomart image is: +---[RSA 4096]----+ | . ....E | | . = ... | |. . . = ..o | | . o + oo = | | + = .S.= * | | . o o ..B + o | | .o.+.* . | | =o*+*. | | ..*o*+. | +----[SHA256]-----+ ``` -------------------------------- ### HomeDirectoryMapEntry Example Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_CreateAccess.md An example of a HomeDirectoryMapEntry object, used to define logical directory mappings for user access. It specifies how a logical path (Entry) maps to an actual S3 or EFS path (Target). ```json [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ] ``` -------------------------------- ### SFTP Key Negotiation Failure Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/connector-troubleshooting.md This example shows a typical error message indicating a mismatch in host key algorithms between the client and server. Ensure there is at least one common algorithm. ```text Key exchange negotiation failed due to incompatible host key algorithms. Client offered: [ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256] Server offered: [ssh-rsa] ``` -------------------------------- ### Start File Transfer from Local AWS Storage to SFTP Server Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_StartFileTransfer.md Starts a file transfer from local AWS storage to a remote SFTP server. This example specifies the source files and the destination directory on the SFTP server. ```json { "ConnectorId": "c-01234567890abcdef", "SendFilePaths": [ "/amzn-s3-demo-bucket/myfile-1.txt", "/amzn-s3-demo-bucket/myfile-2.txt", "/amzn-s3-demo-bucket/myfile-3.txt" ], "RemoteDirectoryPath": "/MySFTPRootFolder/fromTranferFamilyServer" } ``` -------------------------------- ### Example HomeDirectory Configuration Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_DescribedAccess.md Illustrates the format for specifying a user's landing directory in Amazon S3 or Amazon EFS. ```text /bucket_name/home/mydirectory ``` -------------------------------- ### SFTP, FTPS, and FTP Server Event Payload Source: https://docs.aws.amazon.com/transfer/latest/userguide/events-detail-reference.md This is an example of the event payload structure for SFTP, FTPS, and FTP server activities. It includes a session ID and a start timestamp. ```json { "session-id": "session-ID", "start-timestamp": "2025-05-15T16:20:04.706282454Z" } } ``` -------------------------------- ### Start File Transfer from SFTP Server to Local AWS Storage Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_StartFileTransfer.md Initiates a file transfer from a remote SFTP server to local AWS storage. This example specifies the files to retrieve from the SFTP server and the local directory for storage. ```json { "ConnectorId": "c-111122223333AAAAA", "RetrieveFilePaths": [ "/MySFTPFolder/toTranferFamily/myfile-1.txt", "/MySFTPFolder/toTranferFamily/myfile-2.txt", "/MySFTPFolder/toTranferFamily/myfile-3.txt" ], "LocalDirectoryPath": "/amzn-s3-demo-bucket/mySourceFiles" } ``` -------------------------------- ### Display GPG Help and Options Source: https://docs.aws.amazon.com/transfer/latest/userguide/generate-pgp-keys.md Lists all available GPG options and may include usage examples. Useful for exploring GPG functionality. ```bash gpg --help ``` -------------------------------- ### ThrottlingException Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md An example of a ThrottlingException error response, indicating that the request rate has been exceeded. ```APIDOC ## ThrottlingException Example ### Description This is an example of an error response when the API request rate has been exceeded, leading to throttling. ### Response Body #### Error Response Fields - **\[__type\]** (string) - `ThrottlingException` - **RetryAfterSeconds** (string) - The number of seconds to wait before retrying the request. ### Response Example ```json { "__type":"ThrottlingException", "RetryAfterSeconds":"1" } ``` ``` -------------------------------- ### ResourceNotFoundException Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md An example of a ResourceNotFoundException error response, typically returned when a specified server does not exist. ```APIDOC ## ResourceNotFoundException Example ### Description This is an example of an error response when the requested resource, such as a server, is not found. ### Response Body #### Error Response Fields - **\[__type\]** (string) - `ResourceNotFoundException` - **Message** (string) - A message indicating that the server was not found. - **Resource** (string) - The ID of the server that was not found. - **ResourceType** (string) - `Server` ### Response Example ```json { "__type": "ResourceNotFoundException", "Message": "Unknown server", "Resource": "s-11112222333344444", "ResourceType": "Server" } ``` ``` -------------------------------- ### Create a Server with Structured Logging Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_CreateServer This example creates a server with SFTP protocol and configures structured logging by specifying a CloudWatch Logs log group ARN. ```bash aws transfer create-server --identity-provider-type SERVICE_MANAGED --endpoint-type PUBLIC --protocols SFTP --structured-log-destinations "arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*" ``` -------------------------------- ### ResourceExistsException Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md An example of a ResourceExistsException error response, returned when attempting to create a resource that already exists. ```APIDOC ## ResourceExistsException Example ### Description This is an example of an error response when attempting to create a resource, such as a user, that already exists. ### Response Body #### Error Response Fields - **\[__type\]** (string) - `ResourceExistsException` - **Message** (string) - A message indicating that the resource already exists. - **Resource** (string) - The name or identifier of the existing resource. - **ResourceType** (string) - The type of the resource that already exists. ### Response Example ```json { "__type": "ResourceExistsException", "Message": "User already exists", "Resource": "Alejandro-Rosalez", "ResourceType": "User" } ``` ``` -------------------------------- ### AWS CLI Example for DescribeUser Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_DescribeUser.md Demonstrates how to use the AWS Command Line Interface to describe an existing user, providing the server ID and user name. ```bash aws transfer describe-user --server-id s-1111aaaa2222bbbb3 --user-name bob-test ``` -------------------------------- ### AccessDeniedException Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md An example of an AccessDeniedException error response, returned when the user lacks sufficient permissions to perform an action. ```APIDOC ## AccessDeniedException Example ### Description This is an example of an error response when the caller does not have the necessary permissions to perform the requested action. ### Response Body #### Error Response Fields - **\[__type\]** (string) - `AccessDeniedException` - **Message** (string) - A message indicating insufficient access. ### Response Example ```json { "__type": "AccessDeniedException", "Message": "You do not have sufficient access to perform this action." } ``` ``` -------------------------------- ### ResourceExistsException Error Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md Example of a JSON error response when attempting to create a resource, such as a user, that already exists. ```json { "__type": "ResourceExistsException", "Message": "User already exists", "Resource": "Alejandro-Rosalez", "ResourceType": "User" } ``` -------------------------------- ### ResourceNotFoundException Error Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md Example of a JSON error response when the DescribeServer API is called with a non-existent server ID. ```json { "__type": "ResourceNotFoundException", "Message": "Unknown server", "Resource": "s-11112222333344444", "ResourceType": "Server" } ``` -------------------------------- ### StartDirectoryListing Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_StartDirectoryListing.md Retrieves a list of the contents of a directory from a remote SFTP server. You specify the connector ID, the output path, and the remote directory path. You can also specify the optional `MaxItems` value to control the maximum number of items that are listed from the remote directory. ```APIDOC ## StartDirectoryListing ### Description Retrieves a list of the contents of a directory from a remote SFTP server. You specify the connector ID, the output path, and the remote directory path. You can also specify the optional `MaxItems` value to control the maximum number of items that are listed from the remote directory. This API returns a list of all files and directories in the remote directory (up to the maximum value), but does not return files or folders in sub-directories. That is, it only returns a list of files and directories one-level deep. ### Method POST ### Endpoint / ### Parameters #### Request Body - **ConnectorId** (string) - Required - The unique identifier for the connector. - **MaxItems** (number) - Optional - An optional parameter where you can specify the maximum number of file/directory names to retrieve. The default value is 1,000. - **OutputDirectoryPath** (string) - Required - Specifies the path (bucket and prefix) in Amazon S3 storage to store the results of the directory listing. - **RemoteDirectoryPath** (string) - Required - Specifies the directory on the remote SFTP server for which you want to list its contents. ### Request Example ```json { "ConnectorId": "{{string}}", "MaxItems": {{number}}, "OutputDirectoryPath": "{{string}}", "RemoteDirectoryPath": "{{string}}" } ``` ### Response #### Success Response (200) - **ListingId** (string) - Returns a unique identifier for the directory listing call. - **OutputFileName** (string) - Returns the file name where the results are stored. This is a combination of the connector ID and the listing ID: `-.json`. #### Response Example ```json { "ListingId": "string", "OutputFileName": "string" } ``` ``` -------------------------------- ### Virtual Directory Structure Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/implement-log-dirs.md Create multiple Entry/Target pairings to establish a virtual directory structure, allowing users to access sub-directories across different S3 buckets or EFS file systems. ```json [ {"Entry": "/pics", "Target": "/amzn-s3-demo-bucket1/pics"}, {"Entry": "/doc", "Target": "/amzn-s3-demo-bucket1/anotherpath/docs"}, {"Entry": "/reporting", "Target": "/amzn-s3-demo-bucket2/Q1"}, {"Entry": "/anotherpath/subpath/financials", "Target": "/amzn-s3-demo-bucket2/financials"}] ``` -------------------------------- ### StartDirectoryListing Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_StartDirectoryListing.md Initiates a directory listing for a specified connector and outputs the results to an Amazon S3 location. This operation is useful for retrieving the contents of a remote directory. ```APIDOC ## StartDirectoryListing ### Description Initiates a directory listing for a specified connector and outputs the results to an Amazon S3 location. ### Method POST ### Endpoint / ### Parameters #### Request Body - **ConnectorId** (string) - Required - The ID of the connector. - **MaxItems** (string) - Optional - An integer specifying the maximum number of items to return. - **OutputDirectoryPath** (string) - Required - The S3 path where the listing results will be saved. - **RemoteDirectoryPath** (string) - Required - The path of the remote directory to list. ### Request Example { "ConnectorId": "c-AAAA1111BBBB2222C", "MaxItems": "10", "OutputDirectoryPath": "/amzn-s3-demo-bucket/connector-files", "RemoteDirectoryPath": "/home" } ### Response #### Success Response (200) - **ListingId** (string) - The unique identifier for the directory listing operation. - **OutputFileName** (string) - The name of the file where the listing results are saved in the specified S3 output directory. #### Response Example { "ListingId": "6666abcd-11aa-22bb-cc33-0000aaaa3333", "OutputFileName": "c-AAAA1111BBBB2222C-6666abcd-11aa-22bb-cc33-0000aaaa3333.json" } ``` -------------------------------- ### ThrottlingException Error Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md Example of a JSON error response indicating that an API call has been throttled and providing a retry delay. ```json { "__type":"ThrottlingException", "RetryAfterSeconds":"1" } ``` -------------------------------- ### Delete User Example Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_DeleteUser.md This example demonstrates how to delete a Transfer Family user by providing the ServerId and UserName in the request body. ```json { "ServerId": "s-01234567890abcdef", "UserNames": "my_user" } ``` -------------------------------- ### ListExecutions CLI Example with Pagination Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_ListExecutions.md This AWS CLI command demonstrates how to list executions and use the NextToken parameter for pagination to retrieve subsequent sets of results. ```bash aws transfer list-executions --max-results 10 --next-token $somePointerReturnedFromPreviousListResult ``` -------------------------------- ### Create a Server with AS2 Protocol and Workflow Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_CreateServer This example creates a server for AS2 protocol, specifying VPC endpoint, Lambda identity provider, and configuring a workflow for file uploads. ```bash aws transfer create-server --identity-provider-type AWS_LAMBDA --endpoint-type VPC_ENDPOINT --protocols AS2 --invocation-role arn:aws:iam::111122223333:role/my-invocation-role --vpc-id vpc-1234567890abcdef0 --subnet-ids subnet-0123456789abcdef0 --security-group-ids sg-0123456789abcdef0 --url http://lambda.example.com --workflow-details "{\"WorkflowId\": \"w-1234567890abcdef0\", \"ExecutionRole\": \"arn:aws:iam::111122223333:role/my-workflow-execution-role\"}" ``` -------------------------------- ### Install GPG on Debian/Ubuntu Source: https://docs.aws.amazon.com/transfer/latest/userguide/generate-pgp-keys.md Use this command to install the GnuPG package on systems using apt-get package manager, such as Debian or Ubuntu. ```bash sudo apt-get install gnupg ``` -------------------------------- ### Create a Server with Public Endpoint Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_CreateServer This example shows how to create a server with a public endpoint, using service-managed users and SFTP protocol. It includes S3 storage options and a security policy. ```bash aws transfer create-server --identity-provider-type SERVICE_MANAGED --endpoint-type PUBLIC --protocols SFTP --invocation-role arn:aws:iam::111122223333:role/my-invocation-role --s3-storage-options "{\"Type\": \"DIRECTORY\"}" --security-policy-name TransferSecurityPolicy-2022-03 ``` -------------------------------- ### Create Certificate Configuration Files Source: https://docs.aws.amazon.com/transfer/latest/userguide/as2-example-tutorial.md Define the key usage for signing and encryption certificates using configuration files. ```text authorityKeyIdentifier=keyid,issuer keyUsage = digitalSignature, nonRepudiation ``` ```text authorityKeyIdentifier=keyid,issuer keyUsage = dataEncipherment ``` -------------------------------- ### Show GPG Key Preferences Source: https://docs.aws.amazon.com/transfer/latest/userguide/workflow-issues.md Within the GPG edit prompt, use 'showpref' to view the currently configured preferred algorithms for the selected key. ```bash showpref ``` -------------------------------- ### Example ListTagsForResource Response Source: https://docs.aws.amazon.com/transfer/latest/APIReference/API_ListTagsForResource.md This example shows a typical response from the ListTagsForResource API, detailing the tags associated with a resource, including their keys and values. ```json { "Tags": [ { "Key": "Name", "Value": "MyServer" } ] } ``` -------------------------------- ### AccessDeniedException Error Example Source: https://docs.aws.amazon.com/transfer/latest/userguide/api-welcome.md Example of a JSON error response when a user lacks sufficient permissions to perform an action, such as creating a Transfer Family server. ```json { "__type": "AccessDeniedException", "Message": "You do not have sufficient access to perform this action." } ```