pulumi-aws-kotlin/com.pulumi.aws.transfer.kotlin/Access

Access

class Access : KotlinCustomResource

Provides a AWS Transfer Access resource.

NOTE: We suggest using explicit JSON encoding or aws.iam.getPolicyDocument when assigning a value to policy. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.

Example Usage

Basic S3

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.transfer.Access("example", {
    externalId: "S-1-1-12-1234567890-123456789-1234567890-1234",
    serverId: exampleAwsTransferServer.id,
    role: exampleAwsIamRole.arn,
    homeDirectory: `/${exampleAwsS3Bucket.id}/`,
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.transfer.Access("example",
    external_id="S-1-1-12-1234567890-123456789-1234567890-1234",
    server_id=example_aws_transfer_server["id"],
    role=example_aws_iam_role["arn"],
    home_directory=f"/{example_aws_s3_bucket['id']}/")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Transfer.Access("example", new()
    {
        ExternalId = "S-1-1-12-1234567890-123456789-1234567890-1234",
        ServerId = exampleAwsTransferServer.Id,
        Role = exampleAwsIamRole.Arn,
        HomeDirectory = $"/{exampleAwsS3Bucket.Id}/",
    });
});
Content copied to clipboard
package main
import (
	"fmt"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := transfer.NewAccess(ctx, "example", &transfer.AccessArgs{
			ExternalId:    pulumi.String("S-1-1-12-1234567890-123456789-1234567890-1234"),
			ServerId:      pulumi.Any(exampleAwsTransferServer.Id),
			Role:          pulumi.Any(exampleAwsIamRole.Arn),
			HomeDirectory: pulumi.String(fmt.Sprintf("/%v/", exampleAwsS3Bucket.Id)),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Access;
import com.pulumi.aws.transfer.AccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Access("example", AccessArgs.builder()
            .externalId("S-1-1-12-1234567890-123456789-1234567890-1234")
            .serverId(exampleAwsTransferServer.id())
            .role(exampleAwsIamRole.arn())
            .homeDirectory(String.format("/%s/", exampleAwsS3Bucket.id()))
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:transfer:Access
    properties:
      externalId: S-1-1-12-1234567890-123456789-1234567890-1234
      serverId: ${exampleAwsTransferServer.id}
      role: ${exampleAwsIamRole.arn}
      homeDirectory: /${exampleAwsS3Bucket.id}/
Content copied to clipboard

Basic EFS

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.transfer.Access("test", {
    externalId: "S-1-1-12-1234567890-123456789-1234567890-1234",
    serverId: testAwsTransferServer.id,
    role: testAwsIamRole.arn,
    homeDirectory: `/${testAwsEfsFileSystem.id}/`,
    posixProfile: {
        gid: 1000,
        uid: 1000,
    },
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
test = aws.transfer.Access("test",
    external_id="S-1-1-12-1234567890-123456789-1234567890-1234",
    server_id=test_aws_transfer_server["id"],
    role=test_aws_iam_role["arn"],
    home_directory=f"/{test_aws_efs_file_system['id']}/",
    posix_profile=aws.transfer.AccessPosixProfileArgs(
        gid=1000,
        uid=1000,
    ))
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var test = new Aws.Transfer.Access("test", new()
    {
        ExternalId = "S-1-1-12-1234567890-123456789-1234567890-1234",
        ServerId = testAwsTransferServer.Id,
        Role = testAwsIamRole.Arn,
        HomeDirectory = $"/{testAwsEfsFileSystem.Id}/",
        PosixProfile = new Aws.Transfer.Inputs.AccessPosixProfileArgs
        {
            Gid = 1000,
            Uid = 1000,
        },
    });
});
Content copied to clipboard
package main
import (
	"fmt"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := transfer.NewAccess(ctx, "test", &transfer.AccessArgs{
			ExternalId:    pulumi.String("S-1-1-12-1234567890-123456789-1234567890-1234"),
			ServerId:      pulumi.Any(testAwsTransferServer.Id),
			Role:          pulumi.Any(testAwsIamRole.Arn),
			HomeDirectory: pulumi.String(fmt.Sprintf("/%v/", testAwsEfsFileSystem.Id)),
			PosixProfile: &transfer.AccessPosixProfileArgs{
				Gid: pulumi.Int(1000),
				Uid: pulumi.Int(1000),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.transfer.Access;
import com.pulumi.aws.transfer.AccessArgs;
import com.pulumi.aws.transfer.inputs.AccessPosixProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var test = new Access("test", AccessArgs.builder()
            .externalId("S-1-1-12-1234567890-123456789-1234567890-1234")
            .serverId(testAwsTransferServer.id())
            .role(testAwsIamRole.arn())
            .homeDirectory(String.format("/%s/", testAwsEfsFileSystem.id()))
            .posixProfile(AccessPosixProfileArgs.builder()
                .gid(1000)
                .uid(1000)
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  test:
    type: aws:transfer:Access
    properties:
      externalId: S-1-1-12-1234567890-123456789-1234567890-1234
      serverId: ${testAwsTransferServer.id}
      role: ${testAwsIamRole.arn}
      homeDirectory: /${testAwsEfsFileSystem.id}/
      posixProfile:
        gid: 1000
        uid: 1000
Content copied to clipboard

Import

Using pulumi import, import Transfer Accesses using the server_id and external_id. For example:

$ pulumi import aws:transfer/access:Access example s-12345678/S-1-1-12-1234567890-123456789-1234567890-1234
Content copied to clipboard

Properties

Link copied to clipboard
val externalId: Output<String>

The SID of a group in the directory connected to the Transfer Server (e.g., S-1-1-12-1234567890-123456789-1234567890-1234)

Link copied to clipboard
val homeDirectory: Output<String>?

The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a /. The first item in the path is the name of the home bucket (accessible as ${Transfer:HomeBucket} in the policy) and the rest is the home directory (accessible as ${Transfer:HomeDirectory} in the policy). For example, /example-bucket-1234/username would set the home bucket to example-bucket-1234 and the home directory to username.

Link copied to clipboard
val homeDirectoryMappings: Output<List<AccessHomeDirectoryMapping>>?

Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.

Link copied to clipboard
val homeDirectoryType: Output<String>?

The type of landing directory (folder) you mapped for your users' home directory. Valid values are PATH and LOGICAL.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val policy: Output<String>?

An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. These are evaluated on-the-fly when navigating the bucket.

Link copied to clipboard
val posixProfile: Output<AccessPosixProfile>?

Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val role: Output<String>?

Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.

Link copied to clipboard
val serverId: Output<String>

The Server ID of the Transfer Server (e.g., s-12345678)

Link copied to clipboard
val urn: Output<String>