Top / Amazon Web Service / AWS Transfer Family / User

AWS Transfer Family User

This page shows how to write Terraform and CloudFormation for AWS Transfer Family User and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_transfer_user (Terraform)

The User in AWS Transfer Family can be configured in Terraform with the resource name aws_transfer_user. The following sections describe 1 example of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L32
resource "aws_transfer_user" "this" {
  for_each            = { for u in var.users : u.name => u }
  server_id           = aws_transfer_server.this.id
  user_name           = each.value.name
  role                = each.value.role
  home_directory_type = "LOGICAL"

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides a AWS Transfer User resource. Managing SSH keys can be accomplished with the aws_transfer_ssh_key resource.

>> from Terraform Registry

AWS::Transfer::User (CloudFormation)

The User in Transfer can be configured in CloudFormation with the resource name AWS::Transfer::User. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

template.yml#L84
    Type: 'AWS::Transfer::User'
    Properties:
      Role: !GetAtt SFTPUserRole.Arn
      ServerId: !GetAtt TransferServer.ServerId
      HomeDirectory: !Sub "/${ImportBucket}/"
      UserName: !Ref SftpUsername
SFTP-S3-UserCreation.yml#L33
    Type: AWS::Transfer::User
    Properties:
      ServerId: !Ref SFTPServerId
      UserName: !Ref 'SFTPUserName'
      HomeDirectory: !Ref 'HomeDirectory'
      Policy: >
template-basic.yml#L27
    Type: AWS::Transfer::User
    Properties:
      Role: !GetAtt UserRole.Arn
      ServerId: !GetAtt Server.ServerId
      UserName: dummyuser
      SshPublicKeys:
IaC.yml#L21
        Type: AWS::Transfer::User
        Properties:
          HomeDirectory: /sftp-realblocks
          Role: !Sub "arn:aws:iam::${AWS::AccountId}:role/Transfer-S3"
          ServerId: !GetAtt SftpServer.ServerId
          SshPublicKeys:
sftp_user.yml#L18
    Type: AWS::Transfer::User
    Properties:
      UserName: !Ref UserName
      HomeDirectory: !Ref HomeDirectory
      Role: !Ref Role
      ServerId: !Ref ServerId
transfer-sftp-template.json#L67
      "Type": "AWS::Transfer::User",
      "Properties": {
        "HomeDirectoryType": "LOGICAL",
        "HomeDirectoryMappings": [
          {
            "Entry": "/",
TransferUserSpecification.json#L3
    "AWS::Transfer::User.HomeDirectoryMapEntry": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-user-homedirectorymapentry.html",
      "Properties": {
        "Entry": {
          "Required": true,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-user-homedirectorymapentry.html#cfn-transfer-user-homedirectorymapentry-entry",
template.json#L2539
    "AWS::Transfer::User": {
      "Type": "AWS::Transfer::User",
      "Properties": {}
    },
    "AWS::EventSchemas::Schema": {
      "Type": "AWS::EventSchemas::Schema",
cloudFormationSftp.json#L252
    "Type": "AWS::Transfer::User",
    "Properties": {
      "HomeDirectoryMappings": [
        {
          "Entry": {
            "Ref": "SftepServerEntryFiles"
sftp-user.json#L210
            "Type": "AWS::Transfer::User",
            "Properties": {
                "HomeDirectory": {
                    "Fn::Sub": "/${SftpBucket}/${RemoteUserName}"
                },
                "Role": {

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

The AWS::Transfer::User resource creates a user and associates them with an existing server. You can only create and associate users with servers that have the IdentityProviderType set to SERVICE_MANAGED. Using parameters for CreateUser, you can specify the user name, set the home directory, store the user's public key, and assign the user's AWS Identity and Access Management (IAM) role. You can also optionally add a session policy, and assign metadata with tags that can be used to group and search for users.

>> from AWS CloudFormation Documentation

The Other Related AWS Transfer Family Resources

Frequently asked questions

What is AWS Transfer Family User?

AWS Transfer Family User is a resource for Transfer Family of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Transfer Family User?

For Terraform, the seiji/terraform-aws-modules source code example is useful. See the Terraform Example section for further details.

For CloudFormation, the daaru00/sam-templates, pavantocemca40/DevOps and agibalov/aws-experiment source code examples are useful. See the CloudFormation Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents