To create an SFTP user with access to specific folders in AWS Transfer Family and modify their permissions to allow uploading and downloading files, you can follow these steps:
1. First, ensure you have an SFTP-enabled server set up in AWS Transfer Family.

2. To add a new user with access to the specific 'test' directory:
   a. Go to the AWS Transfer Family console and select your server.
   b. Choose "Add user".
   c. Enter a username for the new user.
   d. For Access, select the IAM role you've created with the policy you provided.

3. The IAM policy you've shared already grants the necessary permissions for the user to access the 'test' directory within the 'abc-sftp' bucket. This policy allows listing the contents of the 'test' directory, as well as getting, putting, deleting, and managing object ACLs within that directory.

4. To enable the user to upload and download files, you don't need to modify the policy as it already includes the required permissions:
   - 's3:GetObject' allows downloading files
   - 's3:PutObject' allows uploading files

5. If the user still can't upload or download files, double-check that:
   - The IAM role is correctly attached to the user in AWS Transfer Family.
   - The trust relationship for the IAM role is correctly set up (which it appears to be based on what you've provided).
   - The S3 bucket permissions allow the actions defined in the IAM policy.

6. To restrict the user to only the 'test' directory, you can set the user's home directory in AWS Transfer Family:
   a. In the user's settings, find the "Home directory" option.
   b. Set it to '/abc-sftp/test'.

7. If you want to provide a logical view of just the 'test' directory to the user:
   a. In the user's settings, enable "Restrict user to home directory".
   b. This will make the 'test' directory appear as the root directory to the user.

By following these steps, you should have a user who can list, upload, and download files specifically within the 'test' directory of your 'abc-sftp' S3 bucket using SFTP through AWS Transfer Family.
Sources
Getting started with AWS Transfer Family server endpoints - AWS Transfer Family
Configure SFTP connectors - AWS Transfer Family
Create an SFTP-enabled server - AWS Transfer Family
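
Added example, not part of the answer above and not AWS's own code: an offline check that a policy document like the one described grants list, download and upload under `test/` in `abc-sftp` without reaching other prefixes. The sample policies and probe keys are constructed; the checker reads only Allow statements and ignores Deny, NotAction and policy variables.

```python
from fnmatch import fnmatchcase

BUCKET, PREFIX = "abc-sftp", "test"            # names from the answer above
BUCKET_ARN = f"arn:aws:s3:::{BUCKET}"
INSIDE = f"{BUCKET_ARN}/{PREFIX}/report.csv"   # constructed probe object keys
OUTSIDE = f"{BUCKET_ARN}/other/report.csv"
OBJECT_ACTIONS = ("s3:GetObject", "s3:PutObject")


def _listify(value):
    return value if isinstance(value, list) else [value]


def audit_policy(policy):
    """Return (missing_actions, too_broad_findings) for an IAM identity policy."""
    granted, too_broad = set(), []
    for st in _listify(policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        # ListBucket is scoped by an s3:prefix condition, not by the resource ARN.
        has_prefix_cond = any(
            key.lower() == "s3:prefix"
            for keys in st.get("Condition", {}).values() for key in keys)
        for pat in _listify(st.get("Action", [])):
            for res in _listify(st.get("Resource", [])):
                for action in OBJECT_ACTIONS:
                    if not fnmatchcase(action.lower(), pat.lower()):
                        continue
                    if fnmatchcase(INSIDE, res):
                        granted.add(action)
                    if fnmatchcase(OUTSIDE, res):
                        too_broad.append(f"{action} reaches outside {PREFIX}/ via {res}")
                if fnmatchcase("s3:listbucket", pat.lower()) and fnmatchcase(BUCKET_ARN, res):
                    granted.add("s3:ListBucket")
                    if not has_prefix_cond:
                        too_broad.append("s3:ListBucket has no s3:prefix condition")
    return sorted({"s3:ListBucket", *OBJECT_ACTIONS} - granted), too_broad


# Constructed policy matching the description in the answer (scoped to test/).
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": BUCKET_ARN,
     "Condition": {"StringLike": {"s3:prefix": [f"{PREFIX}/*", PREFIX]}}},
    {"Effect": "Allow", "Resource": f"{BUCKET_ARN}/{PREFIX}/*",
     "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject",
                "s3:GetObjectAcl", "s3:PutObjectAcl"]}]}
# Constructed over-permissive policy for comparison.
BROAD = {"Statement": {"Effect": "Allow", "Action": "s3:*",
                       "Resource": [BUCKET_ARN, f"{BUCKET_ARN}/*"]}}
```

`audit_policy(SCOPED)` returns no findings, while `audit_policy(BROAD)` reports the unscoped listing and both object actions reaching outside `test/`.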