Server
Provides a AWS Transfer Server resource.
NOTE on AWS IAM permissions: If the
endpoint_typeis set toVPC, theec2:DescribeVpcEndpointsandec2:ModifyVpcEndpointactions are used. NOTE: Use theaws.transfer.Tagresource to manage the system tags used for custom hostnames.
Example Usage
Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Server("example", ServerArgs.builder()
.tags(Map.of("Name", "Example"))
.build());
}
}Security Policy Name
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Server("example", ServerArgs.builder()
.securityPolicyName("TransferSecurityPolicy-2020-06")
.build());
}
}VPC Endpoint
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import com.pulumi.aws.transfer.inputs.ServerEndpointDetailsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Server("example", ServerArgs.builder()
.endpointType("VPC")
.endpointDetails(ServerEndpointDetailsArgs.builder()
.addressAllocationIds(aws_eip.example().id())
.subnetIds(aws_subnet.example().id())
.vpcId(aws_vpc.example().id())
.build())
.build());
}
}AWS Directory authentication
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Server("example", ServerArgs.builder()
.identityProviderType("AWS_DIRECTORY_SERVICE")
.directoryId(aws_directory_service_directory.example().id())
.build());
}
}AWS Lambda authentication
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Server("example", ServerArgs.builder()
.identityProviderType("AWS_LAMBDA")
.function(aws_lambda_identity_provider.example().arn())
.build());
}
}Protocols
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Server;
import com.pulumi.aws.transfer.ServerArgs;
import com.pulumi.aws.transfer.inputs.ServerEndpointDetailsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Server("example", ServerArgs.builder()
.endpointType("VPC")
.endpointDetails(ServerEndpointDetailsArgs.builder()
.subnetIds(aws_subnet.example().id())
.vpcId(aws_vpc.example().id())
.build())
.protocols(
"FTP",
"FTPS")
.certificate(aws_acm_certificate.example().arn())
.identityProviderType("API_GATEWAY")
.url(String.format("%s%s", aws_api_gateway_deployment.example().invoke_url(),aws_api_gateway_resource.example().path()))
.build());
}
}Import
Transfer Servers can be imported using the server id, e.g.,
$ pulumi import aws:transfer/server:Server example s-12345678Certain resource arguments, such as host_key, cannot be read via the API and imported into the provider. This provider will display a difference for these arguments the first run after import if declared in the provider configuration for an imported resource.
Properties
The mode of authentication enabled for this service. The default value is SERVICE_MANAGED, which allows you to store and access SFTP user credentials within the service. API_GATEWAY indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using AWS_DIRECTORY_SERVICE will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the AWS_LAMBDA value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the function argument.