AWS::Transfer::Connector As2Config - AWS CloudFormation

AWS::Transfer::Connector As2Config

A structure that contains the parameters for an AS2 connector object.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "BasicAuthSecretId" : String, "Compression" : String, "EncryptionAlgorithm" : String, "LocalProfileId" : String, "MdnResponse" : String, "MdnSigningAlgorithm" : String, "MessageSubject" : String, "PartnerProfileId" : String, "SigningAlgorithm" : String }

Properties

BasicAuthSecretId

Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager.

The default value for this parameter is null, which indicates that Basic authentication is not enabled for the connector.

If the connector should use Basic authentication, the secret needs to be in the following format:

{ "Username": "user-name", "Password": "user-password" }

Replace user-name and user-password with the credentials for the actual user that is being authenticated.

Note the following:

  • You are storing these credentials in Secrets Manager, not passing them directly into this API.

  • If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.

If you have previously enabled Basic authentication for a connector, you can disable it by using the UpdateConnector API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:

update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=""'

Required: No

Type: String

Minimum: 0

Maximum: 2048

Update requires: No interruption

Compression

Specifies whether the AS2 file is compressed.

Required: No

Type: String

Allowed values: ZLIB | DISABLED

Update requires: No interruption

EncryptionAlgorithm

The algorithm that is used to encrypt the file.

Note the following:

  • Do not use the DES_EDE3_CBC algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.

  • You can only specify NONE if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.

Required: No

Type: String

Allowed values: AES128_CBC | AES192_CBC | AES256_CBC | NONE | DES_EDE3_CBC

Update requires: No interruption

LocalProfileId

A unique identifier for the AS2 local profile.

Required: No

Type: String

Pattern: ^p-([0-9a-f]{17})$

Minimum: 19

Maximum: 19

Update requires: No interruption

MdnResponse

Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:

  • SYNC: The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).

  • NONE: Specifies that no MDN response is required.

Required: No

Type: String

Allowed values: SYNC | NONE

Update requires: No interruption

MdnSigningAlgorithm

The signing algorithm for the MDN response.

Note

If set to DEFAULT (or not set at all), the value for SigningAlgorithm is used.

Required: No

Type: String

Allowed values: SHA256 | SHA384 | SHA512 | SHA1 | NONE | DEFAULT

Update requires: No interruption

MessageSubject

Used as the Subject HTTP header attribute in AS2 messages that are being sent with the connector.

Required: No

Type: String

Pattern: ^[\u0020-\u007E\t]+$

Minimum: 1

Maximum: 1024

Update requires: No interruption

PartnerProfileId

A unique identifier for the partner profile for the connector.

Required: No

Type: String

Pattern: ^p-([0-9a-f]{17})$

Minimum: 19

Maximum: 19

Update requires: No interruption

SigningAlgorithm

The algorithm that is used to sign the AS2 messages sent with the connector.

Required: No

Type: String

Allowed values: SHA256 | SHA384 | SHA512 | SHA1 | NONE

Update requires: No interruption