Try AWS Native preview for resources not in the classic version.
aws.transfer.Access
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Provides a AWS Transfer Access resource.
Example Usage
Basic S3
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Transfer.Access("example", new()
{
ExternalId = "S-1-1-12-1234567890-123456789-1234567890-1234",
ServerId = aws_transfer_server.Example.Id,
Role = aws_iam_role.Example.Arn,
HomeDirectory = $"/{aws_s3_bucket.Example.Id}/",
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := transfer.NewAccess(ctx, "example", &transfer.AccessArgs{
ExternalId: pulumi.String("S-1-1-12-1234567890-123456789-1234567890-1234"),
ServerId: pulumi.Any(aws_transfer_server.Example.Id),
Role: pulumi.Any(aws_iam_role.Example.Arn),
HomeDirectory: pulumi.String(fmt.Sprintf("/%v/", aws_s3_bucket.Example.Id)),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Access;
import com.pulumi.aws.transfer.AccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Access("example", AccessArgs.builder()
.externalId("S-1-1-12-1234567890-123456789-1234567890-1234")
.serverId(aws_transfer_server.example().id())
.role(aws_iam_role.example().arn())
.homeDirectory(String.format("/%s/", aws_s3_bucket.example().id()))
.build());
}
}
import pulumi
import pulumi_aws as aws
example = aws.transfer.Access("example",
external_id="S-1-1-12-1234567890-123456789-1234567890-1234",
server_id=aws_transfer_server["example"]["id"],
role=aws_iam_role["example"]["arn"],
home_directory=f"/{aws_s3_bucket['example']['id']}/")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.transfer.Access("example", {
externalId: "S-1-1-12-1234567890-123456789-1234567890-1234",
serverId: aws_transfer_server.example.id,
role: aws_iam_role.example.arn,
homeDirectory: `/${aws_s3_bucket.example.id}/`,
});
resources:
example:
type: aws:transfer:Access
properties:
externalId: S-1-1-12-1234567890-123456789-1234567890-1234
serverId: ${aws_transfer_server.example.id}
role: ${aws_iam_role.example.arn}
homeDirectory: /${aws_s3_bucket.example.id}/
Basic EFS
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.Transfer.Access("test", new()
{
ExternalId = "S-1-1-12-1234567890-123456789-1234567890-1234",
ServerId = aws_transfer_server.Test.Id,
Role = aws_iam_role.Test.Arn,
HomeDirectory = $"/{aws_efs_file_system.Test.Id}/",
PosixProfile = new Aws.Transfer.Inputs.AccessPosixProfileArgs
{
Gid = 1000,
Uid = 1000,
},
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := transfer.NewAccess(ctx, "test", &transfer.AccessArgs{
ExternalId: pulumi.String("S-1-1-12-1234567890-123456789-1234567890-1234"),
ServerId: pulumi.Any(aws_transfer_server.Test.Id),
Role: pulumi.Any(aws_iam_role.Test.Arn),
HomeDirectory: pulumi.String(fmt.Sprintf("/%v/", aws_efs_file_system.Test.Id)),
PosixProfile: &transfer.AccessPosixProfileArgs{
Gid: pulumi.Int(1000),
Uid: pulumi.Int(1000),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Access;
import com.pulumi.aws.transfer.AccessArgs;
import com.pulumi.aws.transfer.inputs.AccessPosixProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Access("test", AccessArgs.builder()
.externalId("S-1-1-12-1234567890-123456789-1234567890-1234")
.serverId(aws_transfer_server.test().id())
.role(aws_iam_role.test().arn())
.homeDirectory(String.format("/%s/", aws_efs_file_system.test().id()))
.posixProfile(AccessPosixProfileArgs.builder()
.gid(1000)
.uid(1000)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
test = aws.transfer.Access("test",
external_id="S-1-1-12-1234567890-123456789-1234567890-1234",
server_id=aws_transfer_server["test"]["id"],
role=aws_iam_role["test"]["arn"],
home_directory=f"/{aws_efs_file_system['test']['id']}/",
posix_profile=aws.transfer.AccessPosixProfileArgs(
gid=1000,
uid=1000,
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.transfer.Access("test", {
externalId: "S-1-1-12-1234567890-123456789-1234567890-1234",
serverId: aws_transfer_server.test.id,
role: aws_iam_role.test.arn,
homeDirectory: `/${aws_efs_file_system.test.id}/`,
posixProfile: {
gid: 1000,
uid: 1000,
},
});
resources:
test:
type: aws:transfer:Access
properties:
externalId: S-1-1-12-1234567890-123456789-1234567890-1234
serverId: ${aws_transfer_server.test.id}
role: ${aws_iam_role.test.arn}
homeDirectory: /${aws_efs_file_system.test.id}/
posixProfile:
gid: 1000
uid: 1000
Create Access Resource
new Access(name: string, args: AccessArgs, opts?: CustomResourceOptions);
@overload
def Access(resource_name: str,
opts: Optional[ResourceOptions] = None,
external_id: Optional[str] = None,
home_directory: Optional[str] = None,
home_directory_mappings: Optional[Sequence[AccessHomeDirectoryMappingArgs]] = None,
home_directory_type: Optional[str] = None,
policy: Optional[str] = None,
posix_profile: Optional[AccessPosixProfileArgs] = None,
role: Optional[str] = None,
server_id: Optional[str] = None)
@overload
def Access(resource_name: str,
args: AccessArgs,
opts: Optional[ResourceOptions] = None)
func NewAccess(ctx *Context, name string, args AccessArgs, opts ...ResourceOption) (*Access, error)
public Access(string name, AccessArgs args, CustomResourceOptions? opts = null)
public Access(String name, AccessArgs args)
public Access(String name, AccessArgs args, CustomResourceOptions options)
type: aws:transfer:Access
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccessArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccessArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Access Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Access resource accepts the following input properties:
- External
Id string The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- Server
Id string The Server ID of the Transfer Server (e.g.,
s-12345678
)- Home
Directory string The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- Home
Directory List<AccessMappings Home Directory Mapping> Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- Home
Directory stringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- Policy string
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- Posix
Profile AccessPosix Profile Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- Role string
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- External
Id string The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- Server
Id string The Server ID of the Transfer Server (e.g.,
s-12345678
)- Home
Directory string The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- Home
Directory []AccessMappings Home Directory Mapping Args Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- Home
Directory stringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- Policy string
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- Posix
Profile AccessPosix Profile Args Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- Role string
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- external
Id String The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- server
Id String The Server ID of the Transfer Server (e.g.,
s-12345678
)- home
Directory String The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home
Directory List<AccessMappings Home Directory Mapping> Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home
Directory StringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy String
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix
Profile AccessPosix Profile Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role String
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- external
Id string The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- server
Id string The Server ID of the Transfer Server (e.g.,
s-12345678
)- home
Directory string The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home
Directory AccessMappings Home Directory Mapping[] Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home
Directory stringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy string
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix
Profile AccessPosix Profile Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role string
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- external_
id str The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- server_
id str The Server ID of the Transfer Server (e.g.,
s-12345678
)- home_
directory str The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home_
directory_ Sequence[Accessmappings Home Directory Mapping Args] Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home_
directory_ strtype The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy str
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix_
profile AccessPosix Profile Args Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role str
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- external
Id String The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- server
Id String The Server ID of the Transfer Server (e.g.,
s-12345678
)- home
Directory String The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home
Directory List<Property Map>Mappings Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home
Directory StringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy String
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix
Profile Property Map Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role String
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
Outputs
All input properties are implicitly available as output properties. Additionally, the Access resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing Access Resource
Get an existing Access resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessState, opts?: CustomResourceOptions): Access
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
external_id: Optional[str] = None,
home_directory: Optional[str] = None,
home_directory_mappings: Optional[Sequence[AccessHomeDirectoryMappingArgs]] = None,
home_directory_type: Optional[str] = None,
policy: Optional[str] = None,
posix_profile: Optional[AccessPosixProfileArgs] = None,
role: Optional[str] = None,
server_id: Optional[str] = None) -> Access
func GetAccess(ctx *Context, name string, id IDInput, state *AccessState, opts ...ResourceOption) (*Access, error)
public static Access Get(string name, Input<string> id, AccessState? state, CustomResourceOptions? opts = null)
public static Access get(String name, Output<String> id, AccessState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- External
Id string The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- Home
Directory string The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- Home
Directory List<AccessMappings Home Directory Mapping> Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- Home
Directory stringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- Policy string
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- Posix
Profile AccessPosix Profile Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- Role string
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- Server
Id string The Server ID of the Transfer Server (e.g.,
s-12345678
)
- External
Id string The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- Home
Directory string The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- Home
Directory []AccessMappings Home Directory Mapping Args Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- Home
Directory stringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- Policy string
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- Posix
Profile AccessPosix Profile Args Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- Role string
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- Server
Id string The Server ID of the Transfer Server (e.g.,
s-12345678
)
- external
Id String The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- home
Directory String The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home
Directory List<AccessMappings Home Directory Mapping> Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home
Directory StringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy String
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix
Profile AccessPosix Profile Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role String
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- server
Id String The Server ID of the Transfer Server (e.g.,
s-12345678
)
- external
Id string The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- home
Directory string The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home
Directory AccessMappings Home Directory Mapping[] Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home
Directory stringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy string
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix
Profile AccessPosix Profile Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role string
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- server
Id string The Server ID of the Transfer Server (e.g.,
s-12345678
)
- external_
id str The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- home_
directory str The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home_
directory_ Sequence[Accessmappings Home Directory Mapping Args] Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home_
directory_ strtype The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy str
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix_
profile AccessPosix Profile Args Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role str
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- server_
id str The Server ID of the Transfer Server (e.g.,
s-12345678
)
- external
Id String The SID of a group in the directory connected to the Transfer Server (e.g.,
S-1-1-12-1234567890-123456789-1234567890-1234
)- home
Directory String The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a
/
. The first item in the path is the name of the home bucket (accessible as${Transfer:HomeBucket}
in the policy) and the rest is the home directory (accessible as${Transfer:HomeDirectory}
in the policy). For example,/example-bucket-1234/username
would set the home bucket toexample-bucket-1234
and the home directory tousername
.- home
Directory List<Property Map>Mappings Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.
- home
Directory StringType The type of landing directory (folder) you mapped for your users' home directory. Valid values are
PATH
andLOGICAL
.- policy String
An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include
${Transfer:UserName}
,${Transfer:HomeDirectory}
, and${Transfer:HomeBucket}
. These are evaluated on-the-fly when navigating the bucket.- posix
Profile Property Map Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.
- role String
Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.
- server
Id String The Server ID of the Transfer Server (e.g.,
s-12345678
)
Supporting Types
AccessHomeDirectoryMapping, AccessHomeDirectoryMappingArgs
AccessPosixProfile, AccessPosixProfileArgs
- Gid int
The POSIX group ID used for all EFS operations by this user.
- Uid int
The POSIX user ID used for all EFS operations by this user.
- Secondary
Gids List<int> The secondary POSIX group IDs used for all EFS operations by this user.
- Gid int
The POSIX group ID used for all EFS operations by this user.
- Uid int
The POSIX user ID used for all EFS operations by this user.
- Secondary
Gids []int The secondary POSIX group IDs used for all EFS operations by this user.
- gid Integer
The POSIX group ID used for all EFS operations by this user.
- uid Integer
The POSIX user ID used for all EFS operations by this user.
- secondary
Gids List<Integer> The secondary POSIX group IDs used for all EFS operations by this user.
- gid number
The POSIX group ID used for all EFS operations by this user.
- uid number
The POSIX user ID used for all EFS operations by this user.
- secondary
Gids number[] The secondary POSIX group IDs used for all EFS operations by this user.
- gid int
The POSIX group ID used for all EFS operations by this user.
- uid int
The POSIX user ID used for all EFS operations by this user.
- secondary_
gids Sequence[int] The secondary POSIX group IDs used for all EFS operations by this user.
- gid Number
The POSIX group ID used for all EFS operations by this user.
- uid Number
The POSIX user ID used for all EFS operations by this user.
- secondary
Gids List<Number> The secondary POSIX group IDs used for all EFS operations by this user.
Import
Using pulumi import
, import Transfer Accesses using the server_id
and external_id
. For example:
$ pulumi import aws:transfer/access:Access example s-12345678/S-1-1-12-1234567890-123456789-1234567890-1234
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
aws
Terraform Provider.
Try AWS Native preview for resources not in the classic version.