StorageGateway / Client / update_smb_security_strategy

update_smb_security_strategy#

StorageGateway.Client.update_smb_security_strategy(**kwargs)#

Updates the SMB security strategy level for an Amazon S3 file gateway. This action is only supported for Amazon S3 file gateways.

Note

For information about configuring this setting using the Amazon Web Services console, see Setting a security level for your gateway in the Amazon S3 File Gateway User Guide.

A higher security strategy level can affect performance of the gateway.

See also: AWS API Documentation

Request Syntax

response = client.update_smb_security_strategy(
    GatewayARN='string',
    SMBSecurityStrategy='ClientSpecified'|'MandatorySigning'|'MandatoryEncryption'|'MandatoryEncryptionNoAes128'
)
Parameters:

  • GatewayARN (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the gateway. Use the ListGateways operation to return a list of gateways for your account and Amazon Web Services Region.

  • SMBSecurityStrategy (string) –

    [REQUIRED]

    Specifies the type of security strategy.

    ClientSpecified: If you choose this option, requests are established based on what is negotiated by the client. This option is recommended when you want to maximize compatibility across different clients in your environment. Supported only for S3 File Gateway.

    MandatorySigning: If you choose this option, File Gateway only allows connections from SMBv2 or SMBv3 clients that have signing enabled. This option works with SMB clients on Microsoft Windows Vista, Windows Server 2008 or newer.

    MandatoryEncryption: If you choose this option, File Gateway only allows connections from SMBv3 clients that have encryption enabled. This option is recommended for environments that handle sensitive data. This option works with SMB clients on Microsoft Windows 8, Windows Server 2012 or newer.

    MandatoryEncryptionNoAes128: If you choose this option, File Gateway only allows connections from SMBv3 clients that use 256-bit AES encryption algorithms. 128-bit algorithms are not allowed. This option is recommended for environments that handle sensitive data. It works with SMB clients on Microsoft Windows 8, Windows Server 2012, or later.

Return type:

dict

Returns:

Response Syntax

{
    'GatewayARN': 'string'
}

Response Structure

  • (dict) –

    • GatewayARN (string) –

      The Amazon Resource Name (ARN) of the gateway. Use the ListGateways operation to return a list of gateways for your account and Amazon Web Services Region.

Exceptions

  • StorageGateway.Client.exceptions.InvalidGatewayRequestException

  • StorageGateway.Client.exceptions.InternalServerError