AWS Classic v6.13.2, Dec 7 23

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.13.2 published on Thursday, Dec 7, 2023 by Pulumi

pulumi/pulumi-aws

aws.transfer.Access

Explore with Pulumi AI

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.13.2 published on Thursday, Dec 7, 2023 by Pulumi

pulumi/pulumi-aws

Example Usage

Basic S3

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.Transfer.Access("example", new()
    {
        ExternalId = "S-1-1-12-1234567890-123456789-1234567890-1234",
        ServerId = aws_transfer_server.Example.Id,
        Role = aws_iam_role.Example.Arn,
        HomeDirectory = $"/{aws_s3_bucket.Example.Id}/",
    });

});

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := transfer.NewAccess(ctx, "example", &transfer.AccessArgs{
			ExternalId:    pulumi.String("S-1-1-12-1234567890-123456789-1234567890-1234"),
			ServerId:      pulumi.Any(aws_transfer_server.Example.Id),
			Role:          pulumi.Any(aws_iam_role.Example.Arn),
			HomeDirectory: pulumi.String(fmt.Sprintf("/%v/", aws_s3_bucket.Example.Id)),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Access;
import com.pulumi.aws.transfer.AccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new Access("example", AccessArgs.builder()        
            .externalId("S-1-1-12-1234567890-123456789-1234567890-1234")
            .serverId(aws_transfer_server.example().id())
            .role(aws_iam_role.example().arn())
            .homeDirectory(String.format("/%s/", aws_s3_bucket.example().id()))
            .build());

    }
}

import pulumi
import pulumi_aws as aws

example = aws.transfer.Access("example",
    external_id="S-1-1-12-1234567890-123456789-1234567890-1234",
    server_id=aws_transfer_server["example"]["id"],
    role=aws_iam_role["example"]["arn"],
    home_directory=f"/{aws_s3_bucket['example']['id']}/")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.transfer.Access("example", {
    externalId: "S-1-1-12-1234567890-123456789-1234567890-1234",
    serverId: aws_transfer_server.example.id,
    role: aws_iam_role.example.arn,
    homeDirectory: `/${aws_s3_bucket.example.id}/`,
});

resources:
  example:
    type: aws:transfer:Access
    properties:
      externalId: S-1-1-12-1234567890-123456789-1234567890-1234
      serverId: ${aws_transfer_server.example.id}
      role: ${aws_iam_role.example.arn}
      homeDirectory: /${aws_s3_bucket.example.id}/

Basic EFS

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var test = new Aws.Transfer.Access("test", new()
    {
        ExternalId = "S-1-1-12-1234567890-123456789-1234567890-1234",
        ServerId = aws_transfer_server.Test.Id,
        Role = aws_iam_role.Test.Arn,
        HomeDirectory = $"/{aws_efs_file_system.Test.Id}/",
        PosixProfile = new Aws.Transfer.Inputs.AccessPosixProfileArgs
        {
            Gid = 1000,
            Uid = 1000,
        },
    });

});

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := transfer.NewAccess(ctx, "test", &transfer.AccessArgs{
			ExternalId:    pulumi.String("S-1-1-12-1234567890-123456789-1234567890-1234"),
			ServerId:      pulumi.Any(aws_transfer_server.Test.Id),
			Role:          pulumi.Any(aws_iam_role.Test.Arn),
			HomeDirectory: pulumi.String(fmt.Sprintf("/%v/", aws_efs_file_system.Test.Id)),
			PosixProfile: &transfer.AccessPosixProfileArgs{
				Gid: pulumi.Int(1000),
				Uid: pulumi.Int(1000),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Access;
import com.pulumi.aws.transfer.AccessArgs;
import com.pulumi.aws.transfer.inputs.AccessPosixProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new Access("test", AccessArgs.builder()        
            .externalId("S-1-1-12-1234567890-123456789-1234567890-1234")
            .serverId(aws_transfer_server.test().id())
            .role(aws_iam_role.test().arn())
            .homeDirectory(String.format("/%s/", aws_efs_file_system.test().id()))
            .posixProfile(AccessPosixProfileArgs.builder()
                .gid(1000)
                .uid(1000)
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

test = aws.transfer.Access("test",
    external_id="S-1-1-12-1234567890-123456789-1234567890-1234",
    server_id=aws_transfer_server["test"]["id"],
    role=aws_iam_role["test"]["arn"],
    home_directory=f"/{aws_efs_file_system['test']['id']}/",
    posix_profile=aws.transfer.AccessPosixProfileArgs(
        gid=1000,
        uid=1000,
    ))

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const test = new aws.transfer.Access("test", {
    externalId: "S-1-1-12-1234567890-123456789-1234567890-1234",
    serverId: aws_transfer_server.test.id,
    role: aws_iam_role.test.arn,
    homeDirectory: `/${aws_efs_file_system.test.id}/`,
    posixProfile: {
        gid: 1000,
        uid: 1000,
    },
});

resources:
  test:
    type: aws:transfer:Access
    properties:
      externalId: S-1-1-12-1234567890-123456789-1234567890-1234
      serverId: ${aws_transfer_server.test.id}
      role: ${aws_iam_role.test.arn}
      homeDirectory: /${aws_efs_file_system.test.id}/
      posixProfile:
        gid: 1000
        uid: 1000

Create Access Resource

new Access(name: string, args: AccessArgs, opts?: CustomResourceOptions);

@overload
def Access(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           external_id: Optional[str] = None,
           home_directory: Optional[str] = None,
           home_directory_mappings: Optional[Sequence[AccessHomeDirectoryMappingArgs]] = None,
           home_directory_type: Optional[str] = None,
           policy: Optional[str] = None,
           posix_profile: Optional[AccessPosixProfileArgs] = None,
           role: Optional[str] = None,
           server_id: Optional[str] = None)
@overload
def Access(resource_name: str,
           args: AccessArgs,
           opts: Optional[ResourceOptions] = None)

func NewAccess(ctx *Context, name string, args AccessArgs, opts ...ResourceOption) (*Access, error)

public Access(string name, AccessArgs args, CustomResourceOptions? opts = null)

public Access(String name, AccessArgs args)
public Access(String name, AccessArgs args, CustomResourceOptions options)

type: aws:transfer:Access
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AccessArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AccessArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AccessArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AccessArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AccessArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Access Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Access resource accepts the following input properties:

ExternalId string: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
ServerId string: The Server ID of the Transfer Server (e.g., s-12345678)
HomeDirectory string: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
HomeDirectoryMappings List<AccessHomeDirectoryMapping>: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
HomeDirectoryType string: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
Policy string: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
PosixProfile AccessPosixProfile: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
Role string: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

ExternalId string: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
ServerId string: The Server ID of the Transfer Server (e.g., s-12345678)
HomeDirectory string: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
HomeDirectoryMappings []AccessHomeDirectoryMappingArgs: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
HomeDirectoryType string: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
Policy string: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
PosixProfile AccessPosixProfileArgs: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
Role string: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

externalId String: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
serverId String: The Server ID of the Transfer Server (e.g., s-12345678)
homeDirectory String: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
homeDirectoryMappings List<AccessHomeDirectoryMapping>: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
homeDirectoryType String: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy String: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posixProfile AccessPosixProfile: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role String: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

externalId string: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
serverId string: The Server ID of the Transfer Server (e.g., s-12345678)
homeDirectory string: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
homeDirectoryMappings AccessHomeDirectoryMapping[]: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
homeDirectoryType string: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy string: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posixProfile AccessPosixProfile: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role string: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

external_id str: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
server_id str: The Server ID of the Transfer Server (e.g., s-12345678)
home_directory str: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
home_directory_mappings Sequence[AccessHomeDirectoryMappingArgs]: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
home_directory_type str: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy str: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posix_profile AccessPosixProfileArgs: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role str: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

externalId String: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
serverId String: The Server ID of the Transfer Server (e.g., s-12345678)
homeDirectory String: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
homeDirectoryMappings List<Property Map>: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
homeDirectoryType String: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy String: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posixProfile Property Map: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role String: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

Outputs

All input properties are implicitly available as output properties. Additionally, the Access resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Access Resource

Get an existing Access resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AccessState, opts?: CustomResourceOptions): Access

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        external_id: Optional[str] = None,
        home_directory: Optional[str] = None,
        home_directory_mappings: Optional[Sequence[AccessHomeDirectoryMappingArgs]] = None,
        home_directory_type: Optional[str] = None,
        policy: Optional[str] = None,
        posix_profile: Optional[AccessPosixProfileArgs] = None,
        role: Optional[str] = None,
        server_id: Optional[str] = None) -> Access

func GetAccess(ctx *Context, name string, id IDInput, state *AccessState, opts ...ResourceOption) (*Access, error)

public static Access Get(string name, Input<string> id, AccessState? state, CustomResourceOptions? opts = null)

public static Access get(String name, Output<String> id, AccessState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ExternalId string: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
HomeDirectory string: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
HomeDirectoryMappings List<AccessHomeDirectoryMapping>: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
HomeDirectoryType string: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
Policy string: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
PosixProfile AccessPosixProfile: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
Role string: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
ServerId string: The Server ID of the Transfer Server (e.g., s-12345678)

ExternalId string: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
HomeDirectory string: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
HomeDirectoryMappings []AccessHomeDirectoryMappingArgs: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
HomeDirectoryType string: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
Policy string: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
PosixProfile AccessPosixProfileArgs: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
Role string: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
ServerId string: The Server ID of the Transfer Server (e.g., s-12345678)

externalId String: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
homeDirectory String: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
homeDirectoryMappings List<AccessHomeDirectoryMapping>: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
homeDirectoryType String: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy String: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posixProfile AccessPosixProfile: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role String: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
serverId String: The Server ID of the Transfer Server (e.g., s-12345678)

externalId string: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
homeDirectory string: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
homeDirectoryMappings AccessHomeDirectoryMapping[]: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
homeDirectoryType string: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy string: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posixProfile AccessPosixProfile: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role string: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
serverId string: The Server ID of the Transfer Server (e.g., s-12345678)

external_id str: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
home_directory str: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
home_directory_mappings Sequence[AccessHomeDirectoryMappingArgs]: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
home_directory_type str: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy str: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posix_profile AccessPosixProfileArgs: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role str: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
server_id str: The Server ID of the Transfer Server (e.g., s-12345678)

externalId String: The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)
homeDirectory String: The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.
homeDirectoryMappings List<Property Map>: Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
homeDirectoryType String: The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.
policy String: An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.
posixProfile Property Map: Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
role String: Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
serverId String: The Server ID of the Transfer Server (e.g., s-12345678)

Supporting Types

AccessHomeDirectoryMapping, AccessHomeDirectoryMappingArgs

Entry string: Represents an entry and a target.
Target string: Represents the map target.

Entry string: Represents an entry and a target.
Target string: Represents the map target.

entry String: Represents an entry and a target.
target String: Represents the map target.

entry string: Represents an entry and a target.
target string: Represents the map target.

entry str: Represents an entry and a target.
target str: Represents the map target.

entry String: Represents an entry and a target.
target String: Represents the map target.

AccessPosixProfile, AccessPosixProfileArgs

Gid int: The POSIX group ID used for all EFS operations by this user.
Uid int: The POSIX user ID used for all EFS operations by this user.
SecondaryGids List<int>: The secondary POSIX group IDs used for all EFS operations by this user.

Gid int: The POSIX group ID used for all EFS operations by this user.
Uid int: The POSIX user ID used for all EFS operations by this user.
SecondaryGids []int: The secondary POSIX group IDs used for all EFS operations by this user.

gid Integer: The POSIX group ID used for all EFS operations by this user.
uid Integer: The POSIX user ID used for all EFS operations by this user.
secondaryGids List<Integer>: The secondary POSIX group IDs used for all EFS operations by this user.

gid number: The POSIX group ID used for all EFS operations by this user.
uid number: The POSIX user ID used for all EFS operations by this user.
secondaryGids number[]: The secondary POSIX group IDs used for all EFS operations by this user.

gid int: The POSIX group ID used for all EFS operations by this user.
uid int: The POSIX user ID used for all EFS operations by this user.
secondary_gids Sequence[int]: The secondary POSIX group IDs used for all EFS operations by this user.

gid Number: The POSIX group ID used for all EFS operations by this user.
uid Number: The POSIX user ID used for all EFS operations by this user.
secondaryGids List<Number>: The secondary POSIX group IDs used for all EFS operations by this user.

Import

Using pulumi import, import Transfer Accesses using the server_id and external_id. For example:

 $ pulumi import aws:transfer/access:Access example s-12345678/S-1-1-12-1234567890-123456789-1234567890-1234

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.13.2 published on Thursday, Dec 7, 2023 by Pulumi

pulumi/pulumi-aws

aws.transfer.Access

On this page

On this page

Example Usage

Basic S3

Basic EFS

Create Access Resource

Access Resource Properties

Inputs

Outputs

Look up Existing Access Resource

Supporting Types

AccessHomeDirectoryMapping, AccessHomeDirectoryMappingArgs

AccessPosixProfile, AccessPosixProfileArgs

Import

Package Details

On this page

On this page