| _key | core | string | |
| access_based_enumeration | core | bool | Indicates whether <code>AccessBasedEnumeration</code> is enabled. |
| account_id | core | string | |
| admin_user_list | core | array<string> | A list of users or groups in the Active Directory that have administrator rights to the file share. A group must be prefixed with the @ character. Acceptable formats include: <code>DOMAIN\User1</code>, <code>user1</code>, <code>@group1</code>, and <code>@DOMAIN\group1</code>. Can only be set if Authentication is set to <code>ActiveDirectory</code>. |
| audit_destination_arn | core | string | The Amazon Resource Name (ARN) of the storage used for audit logs. |
| authentication | core | string | |
| bucket_region | core | string | Specifies the Region of the S3 bucket where the SMB file share stores files. <note> This parameter is required for SMB file shares that connect to Amazon S3 through a VPC endpoint, a VPC access point, or an access point alias that points to a VPC access point. </note> |
| cache_attributes | core | json | Refresh cache information for the file share. |
| case_sensitivity | core | string | The case of an object name in an Amazon S3 bucket. For <code>ClientSpecified</code>, the client determines the case sensitivity. For <code>CaseSensitive</code>, the gateway determines the case sensitivity. The default value is <code>ClientSpecified</code>. |
| default_storage_class | core | string | The default storage class for objects put into an Amazon S3 bucket by the S3 File Gateway. The default value is <code>S3_STANDARD</code>. Optional. Valid Values: <code>S3_STANDARD</code> | <code>S3_INTELLIGENT_TIERING</code> | <code>S3_STANDARD_IA</code> | <code>S3_ONEZONE_IA</code> |
| encryption_type | core | string | A value that specifies the type of server-side encryption that the file share will use for the data that it stores in Amazon S3. <note> We recommend using <code>EncryptionType</code> instead of <code>KMSEncrypted</code> to set the file share encryption method. You do not need to provide values for both parameters. If values for both parameters exist in the same request, then the specified encryption methods must not conflict. For example, if <code>EncryptionType</code> is <code>SseS3</code>, then <code>KMSEncrypted</code> must be <code>false</code>. If <code>EncryptionType</code> is <code>SseKms</code> or <code>DsseKms</code>, then <code>KMSEncrypted</code> must be <code>true</code>. </note> |
| file_share_arn | core | string | |
| file_share_id | core | string | |
| file_share_name | core | string | The name of the file share. Optional. <note> <code>FileShareName</code> must be set if an S3 prefix name is set in <code>LocationARN</code>, or if an access point or access point alias is used. </note> |
| file_share_status | core | string | |
| gateway_arn | core | string | |
| guess_mime_type_enabled | core | bool | A value that enables guessing of the MIME type for uploaded objects based on file extensions. Set this value to <code>true</code> to enable MIME type guessing, otherwise set to <code>false</code>. The default value is <code>true</code>. Valid Values: <code>true</code> | <code>false</code> |
| invalid_user_list | core | array<string> | A list of users or groups in the Active Directory that are not allowed to access the file share. A group must be prefixed with the @ character. Acceptable formats include: <code>DOMAIN\User1</code>, <code>user1</code>, <code>@group1</code>, and <code>@DOMAIN\group1</code>. Can only be set if Authentication is set to <code>ActiveDirectory</code>. |
| kms_encrypted | core | bool | Optional. Set to <code>true</code> to use Amazon S3 server-side encryption with your own KMS key (SSE-KMS), or <code>false</code> to use a key managed by Amazon S3 (SSE-S3). To use dual-layer encryption (DSSE-KMS), set the <code>EncryptionType</code> parameter instead. <note> We recommend using <code>EncryptionType</code> instead of <code>KMSEncrypted</code> to set the file share encryption method. You do not need to provide values for both parameters. If values for both parameters exist in the same request, then the specified encryption methods must not conflict. For example, if <code>EncryptionType</code> is <code>SseS3</code>, then <code>KMSEncrypted</code> must be <code>false</code>. If <code>EncryptionType</code> is <code>SseKms</code> or <code>DsseKms</code>, then <code>KMSEncrypted</code> must be <code>true</code>. </note> Valid Values: <code>true</code> | <code>false</code> |
| location_arn | core | string | |
| notification_policy | core | string | The notification policy of the file share. <code>SettlingTimeInSeconds</code> controls the number of seconds to wait after the last point in time a client wrote to a file before generating an <code>ObjectUploaded</code> notification. Because clients can make many small writes to files, it's best to set this parameter for as long as possible to avoid generating multiple notifications for the same file in a small time period. <note> <code>SettlingTimeInSeconds</code> has no effect on the timing of the object uploading to Amazon S3, only the timing of the notification. This setting is not meant to specify an exact time at which the notification will be sent. In some cases, the gateway might require more than the specified delay time to generate and send notifications. </note> The following example sets <code>NotificationPolicy</code> on with <code>SettlingTimeInSeconds</code> set to 60. <code>{\"Upload\": {\"SettlingTimeInSeconds\": 60}}</code> The following example sets <code>NotificationPolicy</code> off. <code>{}</code> |
| object_acl | core | string | |
| oplocks_enabled | core | bool | Specifies whether opportunistic locking is enabled for the SMB file share. <note> Enabling opportunistic locking on case-sensitive shares is not recommended for workloads that involve access to files with the same name in different case. </note> Valid Values: <code>true</code> | <code>false</code> |
| path | core | string | The file share path used by the SMB client to identify the mount point. |
| read_only | core | bool | A value that sets the write status of a file share. Set this value to <code>true</code> to set the write status to read-only, otherwise set to <code>false</code>. Valid Values: <code>true</code> | <code>false</code> |
| requester_pays | core | bool | A value that sets who pays the cost of the request and the cost associated with data download from the S3 bucket. If this value is set to <code>true</code>, the requester pays the costs; otherwise, the S3 bucket owner pays. However, the S3 bucket owner always pays the cost of storing data. <note> <code>RequesterPays</code> is a configuration for the S3 bucket that backs the file share, so make sure that the configuration on the file share is the same as the S3 bucket configuration. </note> Valid Values: <code>true</code> | <code>false</code> |
| role | core | string | |
| smbacl_enabled | core | bool | If this value is set to <code>true</code>, it indicates that access control list (ACL) is enabled on the SMB file share. If it is set to <code>false</code>, it indicates that file and directory permissions are mapped to the POSIX permission. For more information, see <a href="https://docs.aws.amazon.com/filegateway/latest/files3/smb-acl.html">Using Windows ACLs to limit SMB file share access</a> in the <i>Amazon S3 File Gateway User Guide</i>. |
| tags | core | hstore | |
| valid_user_list | core | array<string> | A list of users or groups in the Active Directory that are allowed to access the file share. A group must be prefixed with the @ character. Acceptable formats include: <code>DOMAIN\User1</code>, <code>user1</code>, <code>@group1</code>, and <code>@DOMAIN\group1</code>. Can only be set if Authentication is set to <code>ActiveDirectory</code>. |
| vpc_endpoint_dns_name | core | string | Specifies the DNS name for the VPC endpoint that the SMB file share uses to connect to Amazon S3. <note> This parameter is required for SMB file shares that connect to Amazon S3 through a VPC endpoint, a VPC access point, or an access point alias that points to a VPC access point. </note> |
