AWS DataSync

{'Protocol': {'SMB': {'CmkSecretConfig': {'KmsKeyArn': 'string',
                                          'SecretArn': 'string'},
                      'CustomSecretConfig': {'SecretAccessRoleArn': 'string',
                                             'SecretArn': 'string'},
                      'ManagedSecretConfig': {'SecretArn': 'string'}}}}

Creates a transfer location for an Amazon FSx for NetApp ONTAP file system. DataSync can use this location as a source or destination for transferring data.

Before you begin, make sure that you understand how DataSync accesses FSx for ONTAP file systems.

See also: AWS API Documentation

Request Syntax

client.create_location_fsx_ontap(
    Protocol={
        'NFS': {
            'MountOptions': {
                'Version': 'AUTOMATIC'|'NFS3'|'NFS4_0'|'NFS4_1'
            }
        },
        'SMB': {
            'Domain': 'string',
            'MountOptions': {
                'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
            },
            'Password': 'string',
            'User': 'string',
            'ManagedSecretConfig': {
                'SecretArn': 'string'
            },
            'CmkSecretConfig': {
                'SecretArn': 'string',
                'KmsKeyArn': 'string'
            },
            'CustomSecretConfig': {
                'SecretArn': 'string',
                'SecretAccessRoleArn': 'string'
            }
        }
    },
    SecurityGroupArns=[
        'string',
    ],
    StorageVirtualMachineArn='string',
    Subdirectory='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)

type Protocol:

dict

param Protocol:

[REQUIRED]

Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.

• NFS (dict) --

  Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for OpenZFS file system or FSx for ONTAP file system's storage virtual machine (SVM).

  • MountOptions (dict) --

    Specifies how DataSync can access a location using the NFS protocol.

    • Version (string) --

      Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.

      You can specify the following options:

      • AUTOMATIC (default): DataSync chooses NFS version 4.1.

      • NFS3: Stateless protocol version that allows for asynchronous writes on the server.

      • NFSv4_0: Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.

      • NFSv4_1: Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.

• SMB (dict) --

  Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.

  • Domain (string) --

    Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.

    If you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.

    If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.

  • MountOptions (dict) --

    Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

    • Version (string) --

      By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

      These are the following options for configuring the SMB version:

      • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

      • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

      • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

      • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

      • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

  • Password (string) --

    Specifies the password of a user who has permission to access your SVM.

  • User (string) -- [REQUIRED]

    Specifies a user that can mount and access the files, folders, and metadata in your SVM.

    For information about choosing a user with the right level of access for your transfer, see Using the SMB protocol.

  • ManagedSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

  • CmkSecretConfig (dict) --

    Specifies configuration information for a DataSync-managed secret, which includes the password that DataSync uses to access a specific FSx for ONTAP storage location (using SMB), with a customer-managed KMS key.

    When you include this parameter as part of a CreateLocationFsxOntap request, you provide only the KMS key ARN. DataSync uses this KMS key together with the Password you specify for to create a DataSync-managed secret to store the location access credentials.

    Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

    • SecretArn (string) --

      Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

    • KmsKeyArn (string) --

      Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

  • CustomSecretConfig (dict) --

    Specifies configuration information for a customer-managed Secrets Manager secret where the password for an FSx for ONTAP storage location (using SMB) is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

    • SecretAccessRoleArn (string) --

      Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

type SecurityGroupArns:

list

param SecurityGroupArns:

[REQUIRED]

Specifies the Amazon EC2 security groups that provide access to your file system's preferred subnet.

The security groups must allow outbound traffic on the following ports (depending on the protocol you use):

• Network File System (NFS): TCP ports 111, 635, and 2049

• Server Message Block (SMB): TCP port 445

Your file system's security groups must also allow inbound traffic on the same ports.

• (string) --

type StorageVirtualMachineArn:

string

param StorageVirtualMachineArn:

[REQUIRED]

Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.

type Subdirectory:

string

param Subdirectory:

Specifies a path to the file share in the SVM where you want to transfer data to or from.

You can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be /vol1, /vol1/tree1, or /share1.

type Tags:

list

param Tags:

Specifies labels that help you categorize, filter, and search for your Amazon Web Services resources. We recommend creating at least a name tag for your location.

• (dict) --

  A key-value pair representing a single tag that's been applied to an Amazon Web Services resource.

  • Key (string) -- [REQUIRED]

    The key for an Amazon Web Services resource tag.

  • Value (string) --

    The value for an Amazon Web Services resource tag.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string'
}

Response Structure

• (dict) --

  • LocationArn (string) --

    Specifies the ARN of the FSx for ONTAP file system location that you create.

{'Protocol': {'SMB': {'CmkSecretConfig': {'KmsKeyArn': 'string',
                                          'SecretArn': 'string'},
                      'CustomSecretConfig': {'SecretAccessRoleArn': 'string',
                                             'SecretArn': 'string'},
                      'ManagedSecretConfig': {'SecretArn': 'string'}}}}

Creates a transfer location for an Amazon FSx for OpenZFS file system. DataSync can use this location as a source or destination for transferring data.

Before you begin, make sure that you understand how DataSync accesses FSx for OpenZFS file systems.

See also: AWS API Documentation

Request Syntax

client.create_location_fsx_open_zfs(
    FsxFilesystemArn='string',
    Protocol={
        'NFS': {
            'MountOptions': {
                'Version': 'AUTOMATIC'|'NFS3'|'NFS4_0'|'NFS4_1'
            }
        },
        'SMB': {
            'Domain': 'string',
            'MountOptions': {
                'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
            },
            'Password': 'string',
            'User': 'string',
            'ManagedSecretConfig': {
                'SecretArn': 'string'
            },
            'CmkSecretConfig': {
                'SecretArn': 'string',
                'KmsKeyArn': 'string'
            },
            'CustomSecretConfig': {
                'SecretArn': 'string',
                'SecretAccessRoleArn': 'string'
            }
        }
    },
    SecurityGroupArns=[
        'string',
    ],
    Subdirectory='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)

type FsxFilesystemArn:

string

param FsxFilesystemArn:

[REQUIRED]

The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.

type Protocol:

dict

param Protocol:

[REQUIRED]

The type of protocol that DataSync uses to access your file system.

• NFS (dict) --

  Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for OpenZFS file system or FSx for ONTAP file system's storage virtual machine (SVM).

  • MountOptions (dict) --

    Specifies how DataSync can access a location using the NFS protocol.

    • Version (string) --

      Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.

      You can specify the following options:

      • AUTOMATIC (default): DataSync chooses NFS version 4.1.

      • NFS3: Stateless protocol version that allows for asynchronous writes on the server.

      • NFSv4_0: Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.

      • NFSv4_1: Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.

• SMB (dict) --

  Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.

  • Domain (string) --

    Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.

    If you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.

    If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.

  • MountOptions (dict) --

    Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

    • Version (string) --

      By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

      These are the following options for configuring the SMB version:

      • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

      • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

      • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

      • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

      • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

  • Password (string) --

    Specifies the password of a user who has permission to access your SVM.

  • User (string) -- [REQUIRED]

    Specifies a user that can mount and access the files, folders, and metadata in your SVM.

    For information about choosing a user with the right level of access for your transfer, see Using the SMB protocol.

  • ManagedSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

  • CmkSecretConfig (dict) --

    Specifies configuration information for a DataSync-managed secret, which includes the password that DataSync uses to access a specific FSx for ONTAP storage location (using SMB), with a customer-managed KMS key.

    When you include this parameter as part of a CreateLocationFsxOntap request, you provide only the KMS key ARN. DataSync uses this KMS key together with the Password you specify for to create a DataSync-managed secret to store the location access credentials.

    Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

    • SecretArn (string) --

      Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

    • KmsKeyArn (string) --

      Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

  • CustomSecretConfig (dict) --

    Specifies configuration information for a customer-managed Secrets Manager secret where the password for an FSx for ONTAP storage location (using SMB) is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

    • SecretAccessRoleArn (string) --

      Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

type SecurityGroupArns:

list

param SecurityGroupArns:

[REQUIRED]

The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.

• (string) --

type Subdirectory:

string

param Subdirectory:

A subdirectory in the location's path that must begin with /fsx. DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).

type Tags:

list

param Tags:

The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.

• (dict) --

  A key-value pair representing a single tag that's been applied to an Amazon Web Services resource.

  • Key (string) -- [REQUIRED]

    The key for an Amazon Web Services resource tag.

  • Value (string) --

    The value for an Amazon Web Services resource tag.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string'
}

Response Structure

• (dict) --

  • LocationArn (string) --

    The ARN of the FSx for OpenZFS file system location that you created.

{'CmkSecretConfig': {'KmsKeyArn': 'string', 'SecretArn': 'string'},
 'CustomSecretConfig': {'SecretAccessRoleArn': 'string', 'SecretArn': 'string'}}

Creates a transfer location for an Amazon FSx for Windows File Server file system. DataSync can use this location as a source or destination for transferring data.

Before you begin, make sure that you understand how DataSync accesses FSx for Windows File Server file systems.

See also: AWS API Documentation

Request Syntax

client.create_location_fsx_windows(
    Subdirectory='string',
    FsxFilesystemArn='string',
    SecurityGroupArns=[
        'string',
    ],
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    User='string',
    Domain='string',
    Password='string',
    CmkSecretConfig={
        'SecretArn': 'string',
        'KmsKeyArn': 'string'
    },
    CustomSecretConfig={
        'SecretArn': 'string',
        'SecretAccessRoleArn': 'string'
    }
)

type Subdirectory:

string

param Subdirectory:

Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).

type FsxFilesystemArn:

string

param FsxFilesystemArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.

type SecurityGroupArns:

list

param SecurityGroupArns:

[REQUIRED]

Specifies the ARNs of the Amazon EC2 security groups that provide access to your file system's preferred subnet.

The security groups that you specify must be able to communicate with your file system's security groups. For information about configuring security groups for file system access, see the Amazon FSx for Windows File Server User Guide.

• (string) --

type Tags:

list

param Tags:

Specifies labels that help you categorize, filter, and search for your Amazon Web Services resources. We recommend creating at least a name tag for your location.

• (dict) --

  A key-value pair representing a single tag that's been applied to an Amazon Web Services resource.

  • Key (string) -- [REQUIRED]

    The key for an Amazon Web Services resource tag.

  • Value (string) --

    The value for an Amazon Web Services resource tag.

type User:

string

param User:

[REQUIRED]

Specifies the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.

For information about choosing a user with the right level of access for your transfer, see required permissions for FSx for Windows File Server locations.

type Domain:

string

param Domain:

Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.

If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.

type Password:

string

param Password:

Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.

type CmkSecretConfig:

dict

param CmkSecretConfig:

Specifies configuration information for a DataSync-managed secret, which includes the password that DataSync uses to access a specific FSx Windows storage location, with a customer-managed KMS key.

When you include this parameter as part of a CreateLocationFsxWindows request, you provide only the KMS key ARN. DataSync uses this KMS key together with the Password you specify for to create a DataSync-managed secret to store the location access credentials.

Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

• SecretArn (string) --

  Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

• KmsKeyArn (string) --

  Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

type CustomSecretConfig:

dict

param CustomSecretConfig:

Specifies configuration information for a customer-managed Secrets Manager secret where the password for an FSx for Windows File Server storage location is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

• SecretArn (string) --

  Specifies the ARN for an Secrets Manager secret.

• SecretAccessRoleArn (string) --

  Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string'
}

Response Structure

• (dict) --

  • LocationArn (string) --

    The ARN of the FSx for Windows File Server file system location you created.

{'CmkSecretConfig': {'KmsKeyArn': 'string', 'SecretArn': 'string'},
 'CustomSecretConfig': {'SecretAccessRoleArn': 'string', 'SecretArn': 'string'}}

Creates a transfer location for a Hadoop Distributed File System (HDFS). DataSync can use this location as a source or destination for transferring data.

Before you begin, make sure that you understand how DataSync accesses HDFS clusters.

See also: AWS API Documentation

Request Syntax

client.create_location_hdfs(
    Subdirectory='string',
    NameNodes=[
        {
            'Hostname': 'string',
            'Port': 123
        },
    ],
    BlockSize=123,
    ReplicationFactor=123,
    KmsKeyProviderUri='string',
    QopConfiguration={
        'RpcProtection': 'DISABLED'|'AUTHENTICATION'|'INTEGRITY'|'PRIVACY',
        'DataTransferProtection': 'DISABLED'|'AUTHENTICATION'|'INTEGRITY'|'PRIVACY'
    },
    AuthenticationType='SIMPLE'|'KERBEROS',
    SimpleUser='string',
    KerberosPrincipal='string',
    KerberosKeytab=b'bytes',
    KerberosKrb5Conf=b'bytes',
    AgentArns=[
        'string',
    ],
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    CmkSecretConfig={
        'SecretArn': 'string',
        'KmsKeyArn': 'string'
    },
    CustomSecretConfig={
        'SecretArn': 'string',
        'SecretAccessRoleArn': 'string'
    }
)

type Subdirectory:

string

param Subdirectory:

A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.

type NameNodes:

list

param NameNodes:

[REQUIRED]

The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.

• (dict) --

  The NameNode of the Hadoop Distributed File System (HDFS). The NameNode manages the file system's namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes.

  • Hostname (string) -- [REQUIRED]

    The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.

  • Port (integer) -- [REQUIRED]

    The port that the NameNode uses to listen to client requests.

type BlockSize:

integer

param BlockSize:

The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).

type ReplicationFactor:

integer

param ReplicationFactor:

The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.

type KmsKeyProviderUri:

string

param KmsKeyProviderUri:

The URI of the HDFS cluster's Key Management Server (KMS).

type QopConfiguration:

dict

param QopConfiguration:

The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If QopConfiguration isn't specified, RpcProtection and DataTransferProtection default to PRIVACY. If you set RpcProtection or DataTransferProtection, the other parameter assumes the same value.

• RpcProtection (string) --

  The RPC protection setting configured on the HDFS cluster. This setting corresponds to your hadoop.rpc.protection setting in your core-site.xml file on your Hadoop cluster.

• DataTransferProtection (string) --

  The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your dfs.data.transfer.protection setting in the hdfs-site.xml file on your Hadoop cluster.

type AuthenticationType:

string

param AuthenticationType:

[REQUIRED]

The type of authentication used to determine the identity of the user.

type SimpleUser:

string

param SimpleUser:

The user name used to identify the client on the host operating system.

type KerberosPrincipal:

string

param KerberosPrincipal:

The Kerberos principal with access to the files and folders on the HDFS cluster.

type KerberosKeytab:

bytes

param KerberosKeytab:

The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. You can load the keytab from a file by providing the file's address.

type KerberosKrb5Conf:

bytes

param KerberosKrb5Conf:

The krb5.conf file that contains the Kerberos configuration information. You can load the krb5.conf file by providing the file's address. If you're using the CLI, it performs the base64 encoding for you. Otherwise, provide the base64-encoded text.

type AgentArns:

list

param AgentArns:

[REQUIRED]

The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.

• (string) --

type Tags:

list

param Tags:

The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.

• (dict) --

  A key-value pair representing a single tag that's been applied to an Amazon Web Services resource.

  • Key (string) -- [REQUIRED]

    The key for an Amazon Web Services resource tag.

  • Value (string) --

    The value for an Amazon Web Services resource tag.

type CmkSecretConfig:

dict

param CmkSecretConfig:

Specifies configuration information for a DataSync-managed secret, which includes the Kerberos keytab that DataSync uses to access a specific Hadoop Distributed File System (HDFS) storage location, with a customer-managed KMS key.

When you include this parameter as part of a CreateLocationHdfs request, you provide only the KMS key ARN. DataSync uses this KMS key together with the KerberosKeytab you specify for to create a DataSync-managed secret to store the location access credentials.

Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

• SecretArn (string) --

  Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

• KmsKeyArn (string) --

  Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

type CustomSecretConfig:

dict

param CustomSecretConfig:

Specifies configuration information for a customer-managed Secrets Manager secret where the Kerberos keytab for the HDFS storage location is stored in binary, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

• SecretArn (string) --

  Specifies the ARN for an Secrets Manager secret.

• SecretAccessRoleArn (string) --

  Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string'
}

Response Structure

• (dict) --

  • LocationArn (string) --

    The ARN of the source HDFS cluster location that you create.

{'Protocol': {'SMB': {'CmkSecretConfig': {'KmsKeyArn': 'string',
                                          'SecretArn': 'string'},
                      'CustomSecretConfig': {'SecretAccessRoleArn': 'string',
                                             'SecretArn': 'string'},
                      'ManagedSecretConfig': {'SecretArn': 'string'}}}}

Provides details about how an DataSync transfer location for an Amazon FSx for NetApp ONTAP file system is configured.

See also: AWS API Documentation

Request Syntax

client.describe_location_fsx_ontap(
    LocationArn='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) of the FSx for ONTAP file system location that you want information about.

rtype:

dict

returns:

Response Syntax

{
    'CreationTime': datetime(2015, 1, 1),
    'LocationArn': 'string',
    'LocationUri': 'string',
    'Protocol': {
        'NFS': {
            'MountOptions': {
                'Version': 'AUTOMATIC'|'NFS3'|'NFS4_0'|'NFS4_1'
            }
        },
        'SMB': {
            'Domain': 'string',
            'MountOptions': {
                'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
            },
            'Password': 'string',
            'User': 'string',
            'ManagedSecretConfig': {
                'SecretArn': 'string'
            },
            'CmkSecretConfig': {
                'SecretArn': 'string',
                'KmsKeyArn': 'string'
            },
            'CustomSecretConfig': {
                'SecretArn': 'string',
                'SecretAccessRoleArn': 'string'
            }
        }
    },
    'SecurityGroupArns': [
        'string',
    ],
    'StorageVirtualMachineArn': 'string',
    'FsxFilesystemArn': 'string'
}

Response Structure

• (dict) --

  • CreationTime (datetime) --

    The time that the location was created.

  • LocationArn (string) --

    The ARN of the FSx for ONTAP file system location.

  • LocationUri (string) --

    The uniform resource identifier (URI) of the FSx for ONTAP file system location.

  • Protocol (dict) --

    Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.

    • NFS (dict) --

      Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for OpenZFS file system or FSx for ONTAP file system's storage virtual machine (SVM).

      • MountOptions (dict) --

        Specifies how DataSync can access a location using the NFS protocol.

        • Version (string) --

          Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.

          You can specify the following options:

          • AUTOMATIC (default): DataSync chooses NFS version 4.1.

          • NFS3: Stateless protocol version that allows for asynchronous writes on the server.

          • NFSv4_0: Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.

          • NFSv4_1: Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.

    • SMB (dict) --

      Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.

      • Domain (string) --

        Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.

        If you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.

        If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.

      • MountOptions (dict) --

        Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

        • Version (string) --

          By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

          These are the following options for configuring the SMB version:

          • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

          • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

          • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

          • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

          • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

      • Password (string) --

        Specifies the password of a user who has permission to access your SVM.

      • User (string) --

        Specifies a user that can mount and access the files, folders, and metadata in your SVM.

        For information about choosing a user with the right level of access for your transfer, see Using the SMB protocol.

      • ManagedSecretConfig (dict) --

        Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

        • SecretArn (string) --

          Specifies the ARN for an Secrets Manager secret.

      • CmkSecretConfig (dict) --

        Specifies configuration information for a DataSync-managed secret, which includes the password that DataSync uses to access a specific FSx for ONTAP storage location (using SMB), with a customer-managed KMS key.

        When you include this parameter as part of a CreateLocationFsxOntap request, you provide only the KMS key ARN. DataSync uses this KMS key together with the Password you specify for to create a DataSync-managed secret to store the location access credentials.

        Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

        • SecretArn (string) --

          Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

        • KmsKeyArn (string) --

          Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

      • CustomSecretConfig (dict) --

        Specifies configuration information for a customer-managed Secrets Manager secret where the password for an FSx for ONTAP storage location (using SMB) is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

        • SecretArn (string) --

          Specifies the ARN for an Secrets Manager secret.

        • SecretAccessRoleArn (string) --

          Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

  • SecurityGroupArns (list) --

    The security groups that DataSync uses to access your FSx for ONTAP file system.

    • (string) --

  • StorageVirtualMachineArn (string) --

    The ARN of the storage virtual machine (SVM) on your FSx for ONTAP file system where you're copying data to or from.

  • FsxFilesystemArn (string) --

    The ARN of the FSx for ONTAP file system.

{'Protocol': {'SMB': {'CmkSecretConfig': {'KmsKeyArn': 'string',
                                          'SecretArn': 'string'},
                      'CustomSecretConfig': {'SecretAccessRoleArn': 'string',
                                             'SecretArn': 'string'},
                      'ManagedSecretConfig': {'SecretArn': 'string'}}}}

Provides details about how an DataSync transfer location for an Amazon FSx for OpenZFS file system is configured.

See also: AWS API Documentation

Request Syntax

client.describe_location_fsx_open_zfs(
    LocationArn='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

The Amazon Resource Name (ARN) of the FSx for OpenZFS location to describe.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string',
    'LocationUri': 'string',
    'SecurityGroupArns': [
        'string',
    ],
    'Protocol': {
        'NFS': {
            'MountOptions': {
                'Version': 'AUTOMATIC'|'NFS3'|'NFS4_0'|'NFS4_1'
            }
        },
        'SMB': {
            'Domain': 'string',
            'MountOptions': {
                'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
            },
            'Password': 'string',
            'User': 'string',
            'ManagedSecretConfig': {
                'SecretArn': 'string'
            },
            'CmkSecretConfig': {
                'SecretArn': 'string',
                'KmsKeyArn': 'string'
            },
            'CustomSecretConfig': {
                'SecretArn': 'string',
                'SecretAccessRoleArn': 'string'
            }
        }
    },
    'CreationTime': datetime(2015, 1, 1)
}

Response Structure

• (dict) --

  • LocationArn (string) --

    The ARN of the FSx for OpenZFS location that was described.

  • LocationUri (string) --

    The uniform resource identifier (URI) of the FSx for OpenZFS location that was described.

    Example: fsxz://us-west-2.fs-1234567890abcdef02/fsx/folderA/folder

  • SecurityGroupArns (list) --

    The ARNs of the security groups that are configured for the FSx for OpenZFS file system.

    • (string) --

  • Protocol (dict) --

    The type of protocol that DataSync uses to access your file system.

    • NFS (dict) --

      Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for OpenZFS file system or FSx for ONTAP file system's storage virtual machine (SVM).

      • MountOptions (dict) --

        Specifies how DataSync can access a location using the NFS protocol.

        • Version (string) --

          Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.

          You can specify the following options:

          • AUTOMATIC (default): DataSync chooses NFS version 4.1.

          • NFS3: Stateless protocol version that allows for asynchronous writes on the server.

          • NFSv4_0: Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.

          • NFSv4_1: Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.

    • SMB (dict) --

      Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.

      • Domain (string) --

        Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.

        If you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.

        If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.

      • MountOptions (dict) --

        Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

        • Version (string) --

          By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

          These are the following options for configuring the SMB version:

          • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

          • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

          • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

          • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

          • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

      • Password (string) --

        Specifies the password of a user who has permission to access your SVM.

      • User (string) --

        Specifies a user that can mount and access the files, folders, and metadata in your SVM.

        For information about choosing a user with the right level of access for your transfer, see Using the SMB protocol.

      • ManagedSecretConfig (dict) --

        Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

        • SecretArn (string) --

          Specifies the ARN for an Secrets Manager secret.

      • CmkSecretConfig (dict) --

        Specifies configuration information for a DataSync-managed secret, which includes the password that DataSync uses to access a specific FSx for ONTAP storage location (using SMB), with a customer-managed KMS key.

        When you include this parameter as part of a CreateLocationFsxOntap request, you provide only the KMS key ARN. DataSync uses this KMS key together with the Password you specify for to create a DataSync-managed secret to store the location access credentials.

        Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

        • SecretArn (string) --

          Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

        • KmsKeyArn (string) --

          Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

      • CustomSecretConfig (dict) --

        Specifies configuration information for a customer-managed Secrets Manager secret where the password for an FSx for ONTAP storage location (using SMB) is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

        • SecretArn (string) --

          Specifies the ARN for an Secrets Manager secret.

        • SecretAccessRoleArn (string) --

          Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

  • CreationTime (datetime) --

    The time that the FSx for OpenZFS location was created.

{'CmkSecretConfig': {'KmsKeyArn': 'string', 'SecretArn': 'string'},
 'CustomSecretConfig': {'SecretAccessRoleArn': 'string', 'SecretArn': 'string'},
 'ManagedSecretConfig': {'SecretArn': 'string'}}

Provides details about how an DataSync transfer location for an Amazon FSx for Windows File Server file system is configured.

See also: AWS API Documentation

Request Syntax

client.describe_location_fsx_windows(
    LocationArn='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) of the FSx for Windows File Server location.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string',
    'LocationUri': 'string',
    'SecurityGroupArns': [
        'string',
    ],
    'CreationTime': datetime(2015, 1, 1),
    'User': 'string',
    'Domain': 'string',
    'ManagedSecretConfig': {
        'SecretArn': 'string'
    },
    'CmkSecretConfig': {
        'SecretArn': 'string',
        'KmsKeyArn': 'string'
    },
    'CustomSecretConfig': {
        'SecretArn': 'string',
        'SecretAccessRoleArn': 'string'
    }
}

Response Structure

• (dict) --

  • LocationArn (string) --

    The ARN of the FSx for Windows File Server location.

  • LocationUri (string) --

    The uniform resource identifier (URI) of the FSx for Windows File Server location.

  • SecurityGroupArns (list) --

    The ARNs of the Amazon EC2 security groups that provide access to your file system's preferred subnet.

    For information about configuring security groups for file system access, see the Amazon FSx for Windows File Server User Guide.

    • (string) --

  • CreationTime (datetime) --

    The time that the FSx for Windows File Server location was created.

  • User (string) --

    The user with the permissions to mount and access the FSx for Windows File Server file system.

  • Domain (string) --

    The name of the Microsoft Active Directory domain that the FSx for Windows File Server file system belongs to.

  • ManagedSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

  • CmkSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location, with a customer-managed KMS key.

    • SecretArn (string) --

      Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

    • KmsKeyArn (string) --

      Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

  • CustomSecretConfig (dict) --

    Describes configuration information for a customer-managed secret, such as a Password that DataSync uses to access a specific storage location, with a customer-managed Identity and Access Management (IAM) role that provides access to the secret.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

    • SecretAccessRoleArn (string) --

      Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

{'CmkSecretConfig': {'KmsKeyArn': 'string', 'SecretArn': 'string'},
 'CustomSecretConfig': {'SecretAccessRoleArn': 'string', 'SecretArn': 'string'},
 'ManagedSecretConfig': {'SecretArn': 'string'}}

Provides details about how an DataSync transfer location for a Hadoop Distributed File System (HDFS) is configured.

See also: AWS API Documentation

Request Syntax

client.describe_location_hdfs(
    LocationArn='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) of the HDFS location.

rtype:

dict

returns:

Response Syntax

{
    'LocationArn': 'string',
    'LocationUri': 'string',
    'NameNodes': [
        {
            'Hostname': 'string',
            'Port': 123
        },
    ],
    'BlockSize': 123,
    'ReplicationFactor': 123,
    'KmsKeyProviderUri': 'string',
    'QopConfiguration': {
        'RpcProtection': 'DISABLED'|'AUTHENTICATION'|'INTEGRITY'|'PRIVACY',
        'DataTransferProtection': 'DISABLED'|'AUTHENTICATION'|'INTEGRITY'|'PRIVACY'
    },
    'AuthenticationType': 'SIMPLE'|'KERBEROS',
    'SimpleUser': 'string',
    'KerberosPrincipal': 'string',
    'AgentArns': [
        'string',
    ],
    'CreationTime': datetime(2015, 1, 1),
    'ManagedSecretConfig': {
        'SecretArn': 'string'
    },
    'CmkSecretConfig': {
        'SecretArn': 'string',
        'KmsKeyArn': 'string'
    },
    'CustomSecretConfig': {
        'SecretArn': 'string',
        'SecretAccessRoleArn': 'string'
    }
}

Response Structure

• (dict) --

  • LocationArn (string) --

    The ARN of the HDFS location.

  • LocationUri (string) --

    The URI of the HDFS location.

  • NameNodes (list) --

    The NameNode that manages the HDFS namespace.

    • (dict) --

      The NameNode of the Hadoop Distributed File System (HDFS). The NameNode manages the file system's namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes.

      • Hostname (string) --

        The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.

      • Port (integer) --

        The port that the NameNode uses to listen to client requests.

  • BlockSize (integer) --

    The size of the data blocks to write into the HDFS cluster.

  • ReplicationFactor (integer) --

    The number of DataNodes to replicate the data to when writing to the HDFS cluster.

  • KmsKeyProviderUri (string) --

    The URI of the HDFS cluster's Key Management Server (KMS).

  • QopConfiguration (dict) --

    The Quality of Protection (QOP) configuration, which specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the HDFS cluster.

    • RpcProtection (string) --

      The RPC protection setting configured on the HDFS cluster. This setting corresponds to your hadoop.rpc.protection setting in your core-site.xml file on your Hadoop cluster.

    • DataTransferProtection (string) --

      The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your dfs.data.transfer.protection setting in the hdfs-site.xml file on your Hadoop cluster.

  • AuthenticationType (string) --

    The type of authentication used to determine the identity of the user.

  • SimpleUser (string) --

    The user name to identify the client on the host operating system. This parameter is used if the AuthenticationType is defined as SIMPLE.

  • KerberosPrincipal (string) --

    The Kerberos principal with access to the files and folders on the HDFS cluster. This parameter is used if the AuthenticationType is defined as KERBEROS.

  • AgentArns (list) --

    The ARNs of the DataSync agents that can connect with your HDFS cluster.

    • (string) --

  • CreationTime (datetime) --

    The time that the HDFS location was created.

  • ManagedSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a KerberosKeytab that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

  • CmkSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a KerberosKeytab that DataSync uses to access a specific storage location, with a customer-managed KMS key.

    • SecretArn (string) --

      Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

    • KmsKeyArn (string) --

      Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

  • CustomSecretConfig (dict) --

    Describes configuration information for a customer-managed secret, such as a KerberosKeytab that DataSync uses to access a specific storage location, with a customer-managed Identity and Access Management (IAM) role that provides access to the secret.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

    • SecretAccessRoleArn (string) --

      Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

{'Protocol': {'SMB': {'CmkSecretConfig': {'KmsKeyArn': 'string',
                                          'SecretArn': 'string'},
                      'CustomSecretConfig': {'SecretAccessRoleArn': 'string',
                                             'SecretArn': 'string'}}}}

Modifies the following configuration parameters of the Amazon FSx for NetApp ONTAP transfer location that you're using with DataSync.

For more information, see Configuring DataSync transfers with FSx for ONTAP.

See also: AWS API Documentation

Request Syntax

client.update_location_fsx_ontap(
    LocationArn='string',
    Protocol={
        'NFS': {
            'MountOptions': {
                'Version': 'AUTOMATIC'|'NFS3'|'NFS4_0'|'NFS4_1'
            }
        },
        'SMB': {
            'Domain': 'string',
            'MountOptions': {
                'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
            },
            'Password': 'string',
            'User': 'string',
            'CmkSecretConfig': {
                'SecretArn': 'string',
                'KmsKeyArn': 'string'
            },
            'CustomSecretConfig': {
                'SecretArn': 'string',
                'SecretAccessRoleArn': 'string'
            }
        }
    },
    Subdirectory='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) of the FSx for ONTAP transfer location that you're updating.

type Protocol:

dict

param Protocol:

Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.

• NFS (dict) --

  Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for OpenZFS file system or FSx for ONTAP file system's storage virtual machine (SVM).

  • MountOptions (dict) --

    Specifies how DataSync can access a location using the NFS protocol.

    • Version (string) --

      Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.

      You can specify the following options:

      • AUTOMATIC (default): DataSync chooses NFS version 4.1.

      • NFS3: Stateless protocol version that allows for asynchronous writes on the server.

      • NFSv4_0: Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.

      • NFSv4_1: Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.

• SMB (dict) --

  Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).

  • Domain (string) --

    Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.

    If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.

  • MountOptions (dict) --

    Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

    • Version (string) --

      By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

      These are the following options for configuring the SMB version:

      • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

      • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

      • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

      • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

      • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

  • Password (string) --

    Specifies the password of a user who has permission to access your SVM.

  • User (string) --

    Specifies a user that can mount and access the files, folders, and metadata in your SVM.

    For information about choosing a user with the right level of access for your transfer, see Using the SMB protocol.

  • CmkSecretConfig (dict) --

    Specifies configuration information for a DataSync-managed secret, such as a Password or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed KMS key.

    • SecretArn (string) --

      Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

    • KmsKeyArn (string) --

      Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

  • CustomSecretConfig (dict) --

    Specifies configuration information for a customer-managed secret, such as a Password or set of credentials that DataSync uses to access a specific transfer location. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

    • SecretAccessRoleArn (string) --

      Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

type Subdirectory:

string

param Subdirectory:

Specifies a path to the file share in the storage virtual machine (SVM) where you want to transfer data to or from.

You can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be /vol1, /vol1/tree1, or /share1.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --

{'Protocol': {'SMB': {'CmkSecretConfig': {'KmsKeyArn': 'string',
                                          'SecretArn': 'string'},
                      'CustomSecretConfig': {'SecretAccessRoleArn': 'string',
                                             'SecretArn': 'string'},
                      'ManagedSecretConfig': {'SecretArn': 'string'}}}}

Modifies the following configuration parameters of the Amazon FSx for OpenZFS transfer location that you're using with DataSync.

For more information, see Configuring DataSync transfers with FSx for OpenZFS.

See also: AWS API Documentation

Request Syntax

client.update_location_fsx_open_zfs(
    LocationArn='string',
    Protocol={
        'NFS': {
            'MountOptions': {
                'Version': 'AUTOMATIC'|'NFS3'|'NFS4_0'|'NFS4_1'
            }
        },
        'SMB': {
            'Domain': 'string',
            'MountOptions': {
                'Version': 'AUTOMATIC'|'SMB2'|'SMB3'|'SMB1'|'SMB2_0'
            },
            'Password': 'string',
            'User': 'string',
            'ManagedSecretConfig': {
                'SecretArn': 'string'
            },
            'CmkSecretConfig': {
                'SecretArn': 'string',
                'KmsKeyArn': 'string'
            },
            'CustomSecretConfig': {
                'SecretArn': 'string',
                'SecretAccessRoleArn': 'string'
            }
        }
    },
    Subdirectory='string'
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the Amazon Resource Name (ARN) of the FSx for OpenZFS transfer location that you're updating.

type Protocol:

dict

param Protocol:

Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.

• NFS (dict) --

  Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for OpenZFS file system or FSx for ONTAP file system's storage virtual machine (SVM).

  • MountOptions (dict) --

    Specifies how DataSync can access a location using the NFS protocol.

    • Version (string) --

      Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.

      You can specify the following options:

      • AUTOMATIC (default): DataSync chooses NFS version 4.1.

      • NFS3: Stateless protocol version that allows for asynchronous writes on the server.

      • NFSv4_0: Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.

      • NFSv4_1: Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.

• SMB (dict) --

  Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.

  • Domain (string) --

    Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.

    If you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.

    If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.

  • MountOptions (dict) --

    Specifies the version of the Server Message Block (SMB) protocol that DataSync uses to access an SMB file server.

    • Version (string) --

      By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.

      These are the following options for configuring the SMB version:

      • AUTOMATIC (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1. This is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

      • SMB3: Restricts the protocol negotiation to only SMB version 3.0.2.

      • SMB2: Restricts the protocol negotiation to only SMB version 2.1.

      • SMB2_0: Restricts the protocol negotiation to only SMB version 2.0.

      • SMB1: Restricts the protocol negotiation to only SMB version 1.0.

  • Password (string) --

    Specifies the password of a user who has permission to access your SVM.

  • User (string) -- [REQUIRED]

    Specifies a user that can mount and access the files, folders, and metadata in your SVM.

    For information about choosing a user with the right level of access for your transfer, see Using the SMB protocol.

  • ManagedSecretConfig (dict) --

    Describes configuration information for a DataSync-managed secret, such as a Password that DataSync uses to access a specific storage location. DataSync uses the default Amazon Web Services-managed KMS key to encrypt this secret in Secrets Manager.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

  • CmkSecretConfig (dict) --

    Specifies configuration information for a DataSync-managed secret, which includes the password that DataSync uses to access a specific FSx for ONTAP storage location (using SMB), with a customer-managed KMS key.

    When you include this parameter as part of a CreateLocationFsxOntap request, you provide only the KMS key ARN. DataSync uses this KMS key together with the Password you specify for to create a DataSync-managed secret to store the location access credentials.

    Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

    • SecretArn (string) --

      Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

    • KmsKeyArn (string) --

      Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

  • CustomSecretConfig (dict) --

    Specifies configuration information for a customer-managed Secrets Manager secret where the password for an FSx for ONTAP storage location (using SMB) is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

    • SecretArn (string) --

      Specifies the ARN for an Secrets Manager secret.

    • SecretAccessRoleArn (string) --

      Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

type Subdirectory:

string

param Subdirectory:

Specifies a subdirectory in the location's path that must begin with /fsx. DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --

{'CmkSecretConfig': {'KmsKeyArn': 'string', 'SecretArn': 'string'},
 'CustomSecretConfig': {'SecretAccessRoleArn': 'string', 'SecretArn': 'string'}}

Modifies the following configuration parameters of the Amazon FSx for Windows File Server transfer location that you're using with DataSync.

For more information, see Configuring DataSync transfers with FSx for Windows File Server.

See also: AWS API Documentation

Request Syntax

client.update_location_fsx_windows(
    LocationArn='string',
    Subdirectory='string',
    Domain='string',
    User='string',
    Password='string',
    CmkSecretConfig={
        'SecretArn': 'string',
        'KmsKeyArn': 'string'
    },
    CustomSecretConfig={
        'SecretArn': 'string',
        'SecretAccessRoleArn': 'string'
    }
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

Specifies the ARN of the FSx for Windows File Server transfer location that you're updating.

type Subdirectory:

string

param Subdirectory:

Specifies a mount path for your file system using forward slashes. DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).

type Domain:

string

param Domain:

Specifies the name of the Windows domain that your FSx for Windows File Server file system belongs to.

If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.

type User:

string

param User:

Specifies the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.

For information about choosing a user with the right level of access for your transfer, see required permissions for FSx for Windows File Server locations.

type Password:

string

param Password:

Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.

type CmkSecretConfig:

dict

param CmkSecretConfig:

Specifies configuration information for a DataSync-managed secret, such as a Password or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed KMS key.

• SecretArn (string) --

  Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

• KmsKeyArn (string) --

  Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

type CustomSecretConfig:

dict

param CustomSecretConfig:

Specifies configuration information for a customer-managed secret, such as a Password or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed Identity and Access Management (IAM) role that provides access to the secret.

• SecretArn (string) --

  Specifies the ARN for an Secrets Manager secret.

• SecretAccessRoleArn (string) --

  Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --

{'CmkSecretConfig': {'KmsKeyArn': 'string', 'SecretArn': 'string'},
 'CustomSecretConfig': {'SecretAccessRoleArn': 'string', 'SecretArn': 'string'}}

Modifies the following configuration parameters of the Hadoop Distributed File System (HDFS) transfer location that you're using with DataSync.

For more information, see Configuring DataSync transfers with an HDFS cluster.

See also: AWS API Documentation

Request Syntax

client.update_location_hdfs(
    LocationArn='string',
    Subdirectory='string',
    NameNodes=[
        {
            'Hostname': 'string',
            'Port': 123
        },
    ],
    BlockSize=123,
    ReplicationFactor=123,
    KmsKeyProviderUri='string',
    QopConfiguration={
        'RpcProtection': 'DISABLED'|'AUTHENTICATION'|'INTEGRITY'|'PRIVACY',
        'DataTransferProtection': 'DISABLED'|'AUTHENTICATION'|'INTEGRITY'|'PRIVACY'
    },
    AuthenticationType='SIMPLE'|'KERBEROS',
    SimpleUser='string',
    KerberosPrincipal='string',
    KerberosKeytab=b'bytes',
    KerberosKrb5Conf=b'bytes',
    AgentArns=[
        'string',
    ],
    CmkSecretConfig={
        'SecretArn': 'string',
        'KmsKeyArn': 'string'
    },
    CustomSecretConfig={
        'SecretArn': 'string',
        'SecretAccessRoleArn': 'string'
    }
)

type LocationArn:

string

param LocationArn:

[REQUIRED]

The Amazon Resource Name (ARN) of the source HDFS cluster location.

type Subdirectory:

string

param Subdirectory:

A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster.

type NameNodes:

list

param NameNodes:

The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.

• (dict) --

  The NameNode of the Hadoop Distributed File System (HDFS). The NameNode manages the file system's namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes.

  • Hostname (string) -- [REQUIRED]

    The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.

  • Port (integer) -- [REQUIRED]

    The port that the NameNode uses to listen to client requests.

type BlockSize:

integer

param BlockSize:

The size of the data blocks to write into the HDFS cluster.

type ReplicationFactor:

integer

param ReplicationFactor:

The number of DataNodes to replicate the data to when writing to the HDFS cluster.

type KmsKeyProviderUri:

string

param KmsKeyProviderUri:

The URI of the HDFS cluster's Key Management Server (KMS).

type QopConfiguration:

dict

param QopConfiguration:

The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer privacy settings configured on the Hadoop Distributed File System (HDFS) cluster.

• RpcProtection (string) --

  The RPC protection setting configured on the HDFS cluster. This setting corresponds to your hadoop.rpc.protection setting in your core-site.xml file on your Hadoop cluster.

• DataTransferProtection (string) --

  The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your dfs.data.transfer.protection setting in the hdfs-site.xml file on your Hadoop cluster.

type AuthenticationType:

string

param AuthenticationType:

The type of authentication used to determine the identity of the user.

type SimpleUser:

string

param SimpleUser:

The user name used to identify the client on the host operating system.

type KerberosPrincipal:

string

param KerberosPrincipal:

The Kerberos principal with access to the files and folders on the HDFS cluster.

type KerberosKeytab:

bytes

param KerberosKeytab:

The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. You can load the keytab from a file by providing the file's address.

type KerberosKrb5Conf:

bytes

param KerberosKrb5Conf:

The krb5.conf file that contains the Kerberos configuration information. You can load the krb5.conf file by providing the file's address. If you're using the CLI, it performs the base64 encoding for you. Otherwise, provide the base64-encoded text.

type AgentArns:

list

param AgentArns:

The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.

• (string) --

type CmkSecretConfig:

dict

param CmkSecretConfig:

Specifies configuration information for a DataSync-managed secret, such as a KerberosKeytab or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed KMS key.

• SecretArn (string) --

  Specifies the ARN for the DataSync-managed Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for KmsKeyArn.

• KmsKeyArn (string) --

  Specifies the ARN for the customer-managed KMS key that DataSync uses to encrypt the DataSync-managed secret stored for SecretArn. DataSync provides this key to Secrets Manager.

type CustomSecretConfig:

dict

param CustomSecretConfig:

Specifies configuration information for a customer-managed secret, such as a KerberosKeytab or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed Identity and Access Management (IAM) role that provides access to the secret.

• SecretArn (string) --

  Specifies the ARN for an Secrets Manager secret.

• SecretAccessRoleArn (string) --

  Specifies the ARN for the Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --