![]() ![]() Leave the policy as “None”, and choose the S3 bucket you created earlier as the home directory. You should see something like the images below:Įnter the username you want to add, and select the role you created earlier as the access role. Select the server you just created in the AWS Transfer Family console and click on the “Add User” button. ![]() Now that the resources are deployed, it’s time to add users to the SFTP server. SFTP SecurityPolicyName: TransferSecurityPolicy-2020-06 s3:PutObject - s3:GetObject - s3:GetObjectVersion - s3:DeleteObject - s3:DeleteObjectVersion Resource: ! Sub "$/*" sftpServer:ĮndpointType: PUBLIC IdentityProviderType: SERVICE_MANAGED Protocols: ![]() s3:ListBucket Resource: ! GetAtt sftpBucket.Arn - PolicyName: HomeDirObjectAccess PolicyDocument: s3:ListAllMyBuckets - s3:GetBucketLocation Resource: "*" - PolicyName: AllowListingOfUserFolder PolicyDocument: PolicyName: S3FullAccess PolicyDocument: SSEAlgorithm: AES256 PublicAccessBlockConfiguration:īlockPublicAcls: true BlockPublicPolicy: true IgnorePublicAcls: true RestrictPublicBuckets: true sftpRole: Type: AWS::S3::Bucket DeletionPolicy: Retain Properties: To deploy the necessary resources using CloudFormation, use a template like the one below:ĪWSTemplateFormatVersion: '' Description: Deploy resources for sftp server Resources: Select “Create a new role” as the logging role, select “TransferSecurityPolicy-2020-06” as the Security Policy, then click “Next”.Select “Publicly Accessible” as the endpoint type and click “Next”.Select “Service Managed” as the identity provider and click “Next”.Navigate to the AWS Transfer Family Service in the AWS Console.These policies will allow users in your SFTP server to upload, download, and delete files in the S3 bucket.įinally, create an SFTP server using the AWS Transfer Family service by following the steps below: "PolicyName": "AllowListingOfUserFolder", ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |