Alchemy

Appearance

User ​

The User resource lets you manage AWS Transfer Users for secure file transfers via SFTP, FTPS, and FTP. This resource allows you to configure user permissions, home directories, and other user-related properties.

Minimal Example ​

Create a basic AWS Transfer User with required properties and a simple home directory setting.

ts
import AWS from "alchemy/aws/control";

const transferUser = await AWS.Transfer.User("basicTransferUser", {
  Role: "arn:aws:iam::123456789012:role/MyTransferRole",
  ServerId: "s-12345678",
  UserName: "transferUser01",
  HomeDirectory: "/home/transferUser01"
});

Advanced Configuration ​

Configure an AWS Transfer User with additional security settings like SSH public keys and IAM policy.

ts
const advancedTransferUser = await AWS.Transfer.User("advancedTransferUser", {
  Role: "arn:aws:iam::123456789012:role/MyTransferRole",
  ServerId: "s-12345678",
  UserName: "transferUser02",
  HomeDirectory: "/home/transferUser02",
  SshPublicKeys: [
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3...",
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr..."
  ],
  Policy: JSON.stringify({
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Action: "transfer:List*",
        Resource: "*"
      },
      {
        Effect: "Allow",
        Action: "s3:GetObject",
        Resource: "arn:aws:s3:::my-bucket-name/*"
      }
    ]
  })
});

Home Directory Mappings ​

Demonstrate how to map a user’s home directory to specific S3 paths using home directory mappings.

ts
const mappedTransferUser = await AWS.Transfer.User("mappedTransferUser", {
  Role: "arn:aws:iam::123456789012:role/MyTransferRole",
  ServerId: "s-12345678",
  UserName: "transferUser03",
  HomeDirectory: "/home/transferUser03",
  HomeDirectoryMappings: [
    {
      Entry: "/home/transferUser03",
      Target: "arn:aws:s3:::my-bucket-name/user01"
    },
    {
      Entry: "/uploads",
      Target: "arn:aws:s3:::my-bucket-name/user01/uploads"
    }
  ]
});

POSIX Profile Configuration ​

Create a user with a POSIX profile for managing UNIX-like permissions.

ts
const posixUser = await AWS.Transfer.User("posixTransferUser", {
  Role: "arn:aws:iam::123456789012:role/MyTransferRole",
  ServerId: "s-12345678",
  UserName: "transferUser04",
  HomeDirectory: "/home/transferUser04",
  PosixProfile: {
    Gid: 1001,
    SecondaryGids: [1002, 1003],
    Uid: 1000
  }
});