createLocationSmb method

Future<CreateLocationSmbResponse> createLocationSmb({
  1. required List<String> agentArns,
  2. required String serverHostname,
  3. required String subdirectory,
  4. SmbAuthenticationType? authenticationType,
  5. CmkSecretConfig? cmkSecretConfig,
  6. CustomSecretConfig? customSecretConfig,
  7. List<String>? dnsIpAddresses,
  8. String? domain,
  9. Uint8List? kerberosKeytab,
  10. Uint8List? kerberosKrb5Conf,
  11. String? kerberosPrincipal,
  12. SmbMountOptions? mountOptions,
  13. String? password,
  14. List<TagListEntry>? tags,
  15. String? user,
})

Creates a transfer location for a Server Message Block (SMB) file server. DataSync can use this location as a source or destination for transferring data.

Before you begin, make sure that you understand how DataSync accesses SMB file servers. For more information, see Providing DataSync access to SMB file servers.

May throw InternalException. May throw InvalidRequestException.

Parameter agentArns : Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).

Parameter serverHostname : Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.

Parameter subdirectory : Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, /path/to/subdirectory). Make sure that other SMB clients in your network can also mount this path.

To copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see Providing DataSync access to SMB file servers.

Parameter authenticationType : Specifies the authentication protocol that DataSync uses to connect to your SMB file server. DataSync supports NTLM (default) and KERBEROS authentication.

For more information, see Providing DataSync access to SMB file servers.

Parameter cmkSecretConfig : Specifies configuration information for a DataSync-managed secret, either a Password or KerberosKeytab (for NTLM (default) and KERBEROS authentication types, respectively) that DataSync uses to access a specific SMB storage location, with a customer-managed KMS key.

When you include this parameter as part of a CreateLocationSmbRequest request, you provide only the KMS key ARN. DataSync uses this KMS key together with either the Password or KerberosKeytab you specify to create a DataSync-managed secret to store the location access credentials.

Make sure that DataSync has permission to access the KMS key that you specify. For more information, see Using a service-managed secret encrypted with a custom KMS key.

Parameter customSecretConfig : Specifies configuration information for a customer-managed Secrets Manager secret where the SMB storage location credentials is stored in Secrets Manager as plain text (for Password) or binary (for KerberosKeytab). This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see Using a secret that you manage.

Parameter dnsIpAddresses : Specifies the IPv4 or IPv6 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS.

If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.

Parameter domain : Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to NTLM.

If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.

Parameter kerberosKeytab : Specifies your Kerberos key table (keytab) file, which includes mappings between your Kerberos principal and encryption keys.

To avoid task execution errors, make sure that the Kerberos principal that you use to create the keytab file matches exactly what you specify for KerberosPrincipal.

Parameter kerberosKrb5Conf : Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration.

The file must be base64 encoded. If you're using the CLI, the encoding is done for you.

Parameter kerberosPrincipal : Specifies a Kerberos principal, which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.

A Kerberos principal might look like HOST/kerberosuser@MYDOMAIN.ORG.

Principal names are case sensitive. Your DataSync task execution will fail if the principal that you specify for this parameter doesn’t exactly match the principal that you use to create the keytab file.

Parameter mountOptions : Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.

Parameter password : Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if AuthenticationType is set to NTLM.

Parameter tags : Specifies labels that help you categorize, filter, and search for your Amazon Web Services resources. We recommend creating at least a name tag for your location.

Parameter user : Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if AuthenticationType is set to NTLM.

For information about choosing a user with the right level of access for your transfer, see Providing DataSync access to SMB file servers.

Implementation

Future<CreateLocationSmbResponse> createLocationSmb({
  required List<String> agentArns,
  required String serverHostname,
  required String subdirectory,
  SmbAuthenticationType? authenticationType,
  CmkSecretConfig? cmkSecretConfig,
  CustomSecretConfig? customSecretConfig,
  List<String>? dnsIpAddresses,
  String? domain,
  Uint8List? kerberosKeytab,
  Uint8List? kerberosKrb5Conf,
  String? kerberosPrincipal,
  SmbMountOptions? mountOptions,
  String? password,
  List<TagListEntry>? tags,
  String? user,
}) async {
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'FmrsService.CreateLocationSmb'
  };
  final jsonResponse = await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      'AgentArns': agentArns,
      'ServerHostname': serverHostname,
      'Subdirectory': subdirectory,
      if (authenticationType != null)
        'AuthenticationType': authenticationType.value,
      if (cmkSecretConfig != null) 'CmkSecretConfig': cmkSecretConfig,
      if (customSecretConfig != null)
        'CustomSecretConfig': customSecretConfig,
      if (dnsIpAddresses != null) 'DnsIpAddresses': dnsIpAddresses,
      if (domain != null) 'Domain': domain,
      if (kerberosKeytab != null)
        'KerberosKeytab': base64Encode(kerberosKeytab),
      if (kerberosKrb5Conf != null)
        'KerberosKrb5Conf': base64Encode(kerberosKrb5Conf),
      if (kerberosPrincipal != null) 'KerberosPrincipal': kerberosPrincipal,
      if (mountOptions != null) 'MountOptions': mountOptions,
      if (password != null) 'Password': password,
      if (tags != null) 'Tags': tags,
      if (user != null) 'User': user,
    },
  );

  return CreateLocationSmbResponse.fromJson(jsonResponse.body);
}