SFTP setup
Create bucket
Buckets for POC
Create role for the Transfer Family (tf) service. (Base config from documentation)
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowListingOfUserFolder",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::aws-tf-poc-bucket"
      ]
    },
    {
      "Sid": "HomeDirObjectAccess",
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject",
        "s3:DeleteObjectVersion",
        "s3:GetObjectVersion",
        "s3:GetObjectACL",
        "s3:PutObjectACL"
      ],
      "Resource": "arn:aws:s3:::aws-tf-poc-bucket/*"
    }
  ]
}
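The policy above puts the bucket-level actions on the bucket ARN and the object-level actions on the /* object ARN. The following added example (not from the original page or the AWS documentation) lints a policy for that split and for resources that reach outside the POC bucket; the BUCKET_LEVEL set and the function names are assumptions made for this example.

```python
# Added example (not from the original page): lint a Transfer Family role policy.
BUCKET = "aws-tf-poc-bucket"  # bucket name used in the policy on this page
# Assumption: only the bucket-level actions in this policy are listed; others count as object-level.
BUCKET_LEVEL = {"s3:listbucket", "s3:getbucketlocation"}

PAGE_POLICY = {  # the policy from this page, re-typed as a Python dict
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AllowListingOfUserFolder", "Effect": "Allow",
         "Action": ["s3:ListBucket", "s3:GetBucketLocation"],
         "Resource": ["arn:aws:s3:::aws-tf-poc-bucket"]},
        {"Sid": "HomeDirObjectAccess", "Effect": "Allow",
         "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject",
                    "s3:DeleteObjectVersion", "s3:GetObjectVersion",
                    "s3:GetObjectACL", "s3:PutObjectACL"],
         "Resource": "arn:aws:s3:::aws-tf-poc-bucket/*"},
    ],
}

def as_list(value):
    """IAM accepts either a single string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value)

def lint_policy(policy, bucket=BUCKET):
    """Return a list of findings; an empty list means nothing was flagged."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    findings = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        for action in as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append(f"{sid}: wildcard action {action}")
                continue
            bucket_level = action.lower() in BUCKET_LEVEL  # names are case-insensitive
            for res in as_list(stmt.get("Resource", [])):
                if res != bucket_arn and not res.startswith(bucket_arn + "/"):
                    findings.append(f"{sid}: {action} reaches outside {bucket}: {res}")
                elif bucket_level and res != bucket_arn:
                    findings.append(f"{sid}: {action} needs the bucket ARN, got {res}")
                elif not bucket_level and res == bucket_arn:
                    findings.append(f"{sid}: {action} needs an object ARN, got {res}")
    return findings

if __name__ == "__main__":
    print(lint_policy(PAGE_POLICY) or "no findings")
```

A statement whose action and resource types do not match simply never applies, so the SFTP user sees a listing or upload failure rather than a policy error.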
Create transfer server
Choose protocol
Choose what will manage identity
Select networking options
- Selected the VPC hosted option, which allows us to use Security Groups and Network Access Control
- VPC / subnet(s) / elastic IP must already be created
Security Group
Security group needs to have port 22 (SSH) open to allow incoming connections from EIP
Choosing domain, a.k.a. storage backend
Logging settings
Display Banner if you need one.
Add user to server
User can connect
Create files to test.
for x in {1..10}; do dd if=/dev/urandom of=test_$x.data bs=1024 count=10240; done
List and upload files
Each file is 10 MB in size.
Creating workflow
The workflow will copy uploaded files to a bucket called archive and run a Lambda function.
In the Transfer Family portal, go to Workflows and create one or add an existing one. You will see a modal that guides you; click Add step and start building the workflow.
Attaching workflow
Click Edit on "Additional details". Under Managed workflows, add your workflow and the IAM role, which in this example allows the workflow to run the Lambda function and use a different bucket.
Testing
main bucket
archive bucket
lambda test output