transfer-family.tf
# AWS Transfer Family server: SFTP only, with users and their SSH keys held by
# the service itself (SERVICE_MANAGED) rather than an external identity provider.
resource "aws_transfer_server" "default" {
  protocols              = ["SFTP"]
  identity_provider_type = "SERVICE_MANAGED"

  # NOTE(review): a PUBLIC endpoint is reachable from the internet and cannot
  # have security groups attached. If source-IP allow-listing is a requirement,
  # the VPC endpoint type is the one that supports it.
  endpoint_type = "PUBLIC"

  # Caller-supplied policy that determines which SSH ciphers, key exchanges and
  # MACs the server offers. NOTE(review): the variable's default is declared
  # elsewhere; confirm it does not resolve to a legacy policy.
  security_policy_name = var.security_policy_name

  # IAM role the server assumes to write to CloudWatch Logs.
  # NOTE(review): join() over the splat yields "" when aws_iam_role.logging has
  # zero instances (e.g. a count of 0 where it is declared); confirm logging is
  # actually enabled wherever this is deployed, since it is the session audit trail.
  logging_role = join("", aws_iam_role.logging[*].arn)

  # Lets `terraform destroy` delete the server's service-managed users along
  # with the server instead of failing while users still exist.
  force_destroy = true

  tags = {
    Name = var.server_name
  }
}
# One Transfer Family user per entry in var.sftp_users, keyed by username.
resource "aws_transfer_user" "default" {
  for_each = { for u in var.sftp_users : u.username => u }

  # The server resource in this file is declared without count/for_each, so it
  # is referenced directly.
  server_id = aws_transfer_server.default.id
  user_name = each.key

  # Per-user IAM role used for S3 access on behalf of this user.
  # NOTE(review): the role and its policy are declared elsewhere; confirm the
  # policy is scoped to the same per-user prefix as the mapping below, because
  # the logical mapping alone only controls what path the client is shown.
  role = aws_iam_role.s3_access_for_sftp_users[each.key].arn

  # LOGICAL home directory: the client sees "/" while the service resolves it to
  # a per-user prefix in the bucket. "$${...}" escapes Terraform interpolation so
  # the literal ${Transfer:UserName} placeholder reaches the service.
  home_directory_type = "LOGICAL"
  home_directory_mappings {
    entry  = "/"
    target = "/${var.s3_bucket_name}/$${Transfer:UserName}"
  }

  # NOTE(review): with the mappings ignored, `terraform plan` will not surface an
  # out-of-band change to a user's mapping (for example one that widens it beyond
  # the per-user prefix), and later changes to var.s3_bucket_name are not applied
  # to existing users. Drift on this attribute needs to be caught by other means.
  lifecycle {
    ignore_changes = [
      home_directory_mappings
    ]
  }
}
# Registers one SSH public key for each user in var.sftp_users.
resource "aws_transfer_ssh_key" "default" {
  for_each = { for u in var.sftp_users : u.username => u }

  # The server resource in this file is declared without count/for_each, so it
  # is referenced directly.
  server_id = aws_transfer_server.default.id
  user_name = each.key

  # Public half of a key pair generated by a tls_private_key resource declared
  # elsewhere. NOTE(review): the tls provider keeps the generated private key
  # unencrypted in Terraform state, so anyone who can read the state can
  # authenticate as these users; the state backend needs encryption at rest and
  # tight access control. Having users supply their own public keys avoids
  # holding private keys in state at all.
  body = tls_private_key.sftp_ssh_key[each.key].public_key_openssh

  # The key can only be attached once the user exists on the server.
  depends_on = [
    aws_transfer_user.default
  ]
}