AWS transfer server for SFTP is a fully managed SFTP service.
It is costly in my opinion. In most cases, to save cost, you needn't create different SFTP servers for different environments (we used to do that for application deployment).
So managing different SFTP groups on the same SFTP server is the approach used by this repository.
This repository is forked from felipefrizzo/terraform-aws-transfer-server.
I made a lot of changes, with the improvements below:
- upgrade to Terraform 0.12+
- remove the S3 bucket resources from this repo. I would not recommend managing the S3 bucket together with the SFTP service. It carries the risk of carelessly cleaning/deleting the S3 bucket.
- manage different IAM roles for the transfer server and the SFTP users
- manage SFTP users and their public keys as lists.
- manage different SFTP groups (optional) with different S3 buckets and their folders' permissions.
Currently I set two groups as samples, dev and prod; both are optional. If you need to add more environments, do it yourself.
- Make sure you have created the S3 buckets for this AWS transfer SFTP server.
- Update the default values of the project name, user names and user public keys in `variables.tf`, or feed them as variables.
- Update the IAM role permissions in the folder `templates`.

Examples are in the folder `examples`.
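
A module call that follows the steps above, with one dev group and one prod group on the same server. This is an added example, not code from this repository or its `examples` folder; the module `source` path, bucket names, user names and keys are constructed placeholders, and it assumes user names and keys are paired by list position.

```hcl
# Added example (not from the repository). All values are placeholders.
module "sftp" {
  # Placeholder path: point this at your copy of the module.
  source = "./path/to/terraform-aws-transfer-server"

  project     = "my-project"
  application = "sftp"

  # The buckets must already exist; this module does not create them,
  # so destroying the SFTP stack cannot delete the stored data.
  s3_bucket_dev  = "example-sftp-dev-bucket"
  s3_bucket_prod = "example-sftp-prod-bucket"

  # Dev group. Assumption: the first key belongs to the first user,
  # the second key to the second user, so keep both lists the same length.
  transfer_server_user_name_dev = ["alice-dev", "bob-dev"]
  transfer_server_ssh_key_dev = [
    "ssh-rsa AAAA...constructed-placeholder... alice-dev",
    "ssh-rsa AAAA...constructed-placeholder... bob-dev",
  ]

  # Prod group. Use a separate key pair from dev so that a leaked
  # dev key gives no access to the prod bucket.
  transfer_server_user_name_prod = ["deploy-prod"]
  transfer_server_ssh_key_prod = [
    "ssh-rsa AAAA...constructed-placeholder... deploy-prod",
  ]
}

# Expose the module outputs listed in the outputs table.
output "sftp_endpoint" {
  value = module.sftp.transfer_server_endpoint
}

output "sftp_server_id" {
  value = module.sftp.transfer_server_id
}
```

Leaving a group's bucket, user and key variables at their defaults (`""` and `[]`) omits that group, since both groups are optional.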

Name | Description | Type | Default | Required |
---|---|---|---|---|
application | application name | string | "sftp" | no |
project | project name | string | "my-project" | no |
s3_bucket_dev | S3 bucket name for dev | string | "" | no |
s3_bucket_prod | S3 bucket name for prod | string | "" | no |
transfer_server_ssh_key_dev | SSH public key for transfer server user | list(string) | [] | no |
transfer_server_ssh_key_prod | SSH public key for transfer server user | list(string) | [] | no |
transfer_server_user_name_dev | User name for SFTP server | list(string) | [] | no |
transfer_server_user_name_prod | User name for SFTP server | list(string) | [] | no |

Name | Description |
---|---|
transfer_server_endpoint | |
transfer_server_id | |