- 最新
- 投票最多
- 评论最多
I think I just realized the Logical home directory type with mapping of a top-level path to the S3 path IS the restricted mode.
Hello jtd,
To use Restricted mode with Custom Identity Provider, you would have your IDP or your Lambda function return the HomeDirectoryDetails field along with the HomeDirectoryType field.
HomeDirectoryDetails field specifies your User configuration or landing directories within S3/EFS. HomeDirectoryType field specifies whether you want Logical Directories or Path based Directories. Logical is one that imitates the Restricted Option on AWS Console.
Example:
HomeDirectoryType: LOGICAL
HomeDirectoryDetails: [{"Entry": "/folder-a", "Target": "/my-bucket/folder-a"}]
You can also find more details on Logical Directories in the following blog post - https://aws.amazon.com/blogs/storage/simplify-your-aws-sftp-structure-with-chroot-and-logical-directories/
Let me know if you have further questions.
Sagar