What is the CloudFormation equivalent of the "Restricted" user?

leshik:

Thank you for submitting your request for supporting HomeDirectoryType and HomeDirectoryMappings parameter to build CloudFormation templates for your SFTP server and users. We will add it to our backlog and make an announcement in the forum once it is available. Meanwhile, would you consider the option of scripting out using API or CLI commands for the CreateUser/UpdateUser operations to get access to the same 'restricted' functionality?

Thanks,
Smitha

Thanks, smithaAWS. I create users with CloudFormation, then I apply type and mappings using aws transfer update-user command. I'm glad that you consider adding this functionality to templates, this would simplify things.

leshik:

Following up on your request, you can now use the "Restricted" feature when creating users through CloudFormation templates. Please refer to the documentation for details:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-user.html and let us know if you have any questions.

Thanks,
Smitha

I don't see any documentation in that link on how to specify the restricted user in the template.

Edit: Is the use of 'LOGICAL' directory type with a mapping to the home directory the equivalent of the 'restricted' option?

Edited by: jtd on Jan 28, 2021 10:18 AM