Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. transfer
  5. User

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-aws-native

aws-native.transfer.User

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-aws-native

Definition of AWS::Transfer::User Resource Type

Create User Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new User(name: string, args: UserArgs, opts?: CustomResourceOptions);
@overload
def User(resource_name: str,
         args: UserArgs,
         opts: Optional[ResourceOptions] = None)

@overload
def User(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         role: Optional[str] = None,
         server_id: Optional[str] = None,
         home_directory: Optional[str] = None,
         home_directory_mappings: Optional[Sequence[UserHomeDirectoryMapEntryArgs]] = None,
         home_directory_type: Optional[UserHomeDirectoryType] = None,
         policy: Optional[str] = None,
         posix_profile: Optional[UserPosixProfileArgs] = None,
         ssh_public_keys: Optional[Sequence[str]] = None,
         tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
         user_name: Optional[str] = None)
func NewUser(ctx *Context, name string, args UserArgs, opts ...ResourceOption) (*User, error)
public User(string name, UserArgs args, CustomResourceOptions? opts = null)
public User(String name, UserArgs args)
public User(String name, UserArgs args, CustomResourceOptions options)

type: aws-native:transfer:User
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. UserArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. UserArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. UserArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. UserArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. UserArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

User Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The User resource accepts the following input properties:

Role This property is required. string
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
ServerId This property is required. string
A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
HomeDirectory string

The landing directory (folder) for a user when they log in to the server using the client.

A HomeDirectory example is /bucket_name/home/mydirectory .

The HomeDirectory parameter is only used if HomeDirectoryType is set to PATH .

HomeDirectoryMappings List<Pulumi.AwsNative.Transfer.Inputs.UserHomeDirectoryMapEntry>

Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in Target . This value can be set only when HomeDirectoryType is set to LOGICAL .

The following is an Entry and Target pair example.

[ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]

In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (" chroot "). To do this, you can set Entry to / and set Target to the value the user should see for their home directory when they log in.

The following is an Entry and Target pair example for chroot .

[ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]

HomeDirectoryType Pulumi.AwsNative.Transfer.UserHomeDirectoryType

The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to LOGICAL , you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon S3 or Amazon EFS paths visible to your users.

If HomeDirectoryType is LOGICAL , you must provide mappings, using the HomeDirectoryMappings parameter. If, on the other hand, HomeDirectoryType is PATH , you provide an absolute path using the HomeDirectory parameter. You cannot have both HomeDirectory and HomeDirectoryMappings in your template.

Policy string

A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName} , ${Transfer:HomeDirectory} , and ${Transfer:HomeBucket} .

For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument.

For an example of a session policy, see Example session policy .

For more information, see AssumeRole in the AWS Security Token Service API Reference .

PosixProfile Pulumi.AwsNative.Transfer.Inputs.UserPosixProfile
Specifies the full POSIX identity, including user ID ( Uid ), group ID ( Gid ), and any secondary groups IDs ( SecondaryGids ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
SshPublicKeys List<string>
This represents the SSH User Public Keys for CloudFormation resource
Tags List<Pulumi.AwsNative.Inputs.Tag>
Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
UserName string
A unique string that identifies a user and is associated with a ServerId . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
Role This property is required. string
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
ServerId This property is required. string
A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
HomeDirectory string

The landing directory (folder) for a user when they log in to the server using the client.

A HomeDirectory example is /bucket_name/home/mydirectory .

The HomeDirectory parameter is only used if HomeDirectoryType is set to PATH .

HomeDirectoryMappings []UserHomeDirectoryMapEntryArgs

Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in Target . This value can be set only when HomeDirectoryType is set to LOGICAL .

The following is an Entry and Target pair example.

[ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]

In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (" chroot "). To do this, you can set Entry to / and set Target to the value the user should see for their home directory when they log in.

The following is an Entry and Target pair example for chroot .

[ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]

HomeDirectoryType UserHomeDirectoryType

The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to LOGICAL , you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon S3 or Amazon EFS paths visible to your users.

If HomeDirectoryType is LOGICAL , you must provide mappings, using the HomeDirectoryMappings parameter. If, on the other hand, HomeDirectoryType is PATH , you provide an absolute path using the HomeDirectory parameter. You cannot have both HomeDirectory and HomeDirectoryMappings in your template.

Policy string

A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName} , ${Transfer:HomeDirectory} , and ${Transfer:HomeBucket} .

For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument.

For an example of a session policy, see Example session policy .

For more information, see AssumeRole in the AWS Security Token Service API Reference .

PosixProfile UserPosixProfileArgs
Specifies the full POSIX identity, including user ID ( Uid ), group ID ( Gid ), and any secondary groups IDs ( SecondaryGids ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
SshPublicKeys []string
This represents the SSH User Public Keys for CloudFormation resource
Tags TagArgs
Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
UserName string
A unique string that identifies a user and is associated with a ServerId . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
role This property is required. String
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
serverId This property is required. String
A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
homeDirectory String

The landing directory (folder) for a user when they log in to the server using the client.

A HomeDirectory example is /bucket_name/home/mydirectory .

The HomeDirectory parameter is only used if HomeDirectoryType is set to PATH .

homeDirectoryMappings List<UserHomeDirectoryMapEntry>

Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in Target . This value can be set only when HomeDirectoryType is set to LOGICAL .

The following is an Entry and Target pair example.

[ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]

In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (" chroot "). To do this, you can set Entry to / and set Target to the value the user should see for their home directory when they log in.

The following is an Entry and Target pair example for chroot .

[ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]

homeDirectoryType UserHomeDirectoryType

The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to LOGICAL , you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon S3 or Amazon EFS paths visible to your users.

If HomeDirectoryType is LOGICAL , you must provide mappings, using the HomeDirectoryMappings parameter. If, on the other hand, HomeDirectoryType is PATH , you provide an absolute path using the HomeDirectory parameter. You cannot have both HomeDirectory and HomeDirectoryMappings in your template.

policy String

A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName} , ${Transfer:HomeDirectory} , and ${Transfer:HomeBucket} .

For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument.

For an example of a session policy, see Example session policy .

For more information, see AssumeRole in the AWS Security Token Service API Reference .

posixProfile UserPosixProfile
Specifies the full POSIX identity, including user ID ( Uid ), group ID ( Gid ), and any secondary groups IDs ( SecondaryGids ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
sshPublicKeys List<String>
This represents the SSH User Public Keys for CloudFormation resource
tags List<Tag>
Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
userName String
A unique string that identifies a user and is associated with a ServerId . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
role This property is required. string
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
serverId This property is required. string
A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
homeDirectory string

The landing directory (folder) for a user when they log in to the server using the client.

A HomeDirectory example is /bucket_name/home/mydirectory .

The HomeDirectory parameter is only used if HomeDirectoryType is set to PATH .

homeDirectoryMappings UserHomeDirectoryMapEntry[]

Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in Target . This value can be set only when HomeDirectoryType is set to LOGICAL .

The following is an Entry and Target pair example.

[ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]

In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (" chroot "). To do this, you can set Entry to / and set Target to the value the user should see for their home directory when they log in.

The following is an Entry and Target pair example for chroot .

[ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]

homeDirectoryType UserHomeDirectoryType

The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to LOGICAL , you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon S3 or Amazon EFS paths visible to your users.

If HomeDirectoryType is LOGICAL , you must provide mappings, using the HomeDirectoryMappings parameter. If, on the other hand, HomeDirectoryType is PATH , you provide an absolute path using the HomeDirectory parameter. You cannot have both HomeDirectory and HomeDirectoryMappings in your template.

policy string

A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName} , ${Transfer:HomeDirectory} , and ${Transfer:HomeBucket} .

For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument.

For an example of a session policy, see Example session policy .

For more information, see AssumeRole in the AWS Security Token Service API Reference .

posixProfile UserPosixProfile
Specifies the full POSIX identity, including user ID ( Uid ), group ID ( Gid ), and any secondary groups IDs ( SecondaryGids ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
sshPublicKeys string[]
This represents the SSH User Public Keys for CloudFormation resource
tags Tag[]
Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
userName string
A unique string that identifies a user and is associated with a ServerId . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
role This property is required. str
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
server_id This property is required. str
A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
home_directory str

The landing directory (folder) for a user when they log in to the server using the client.

A HomeDirectory example is /bucket_name/home/mydirectory .

The HomeDirectory parameter is only used if HomeDirectoryType is set to PATH .

home_directory_mappings Sequence[UserHomeDirectoryMapEntryArgs]

Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in Target . This value can be set only when HomeDirectoryType is set to LOGICAL .

The following is an Entry and Target pair example.

[ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]

In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (" chroot "). To do this, you can set Entry to / and set Target to the value the user should see for their home directory when they log in.

The following is an Entry and Target pair example for chroot .

[ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]

home_directory_type UserHomeDirectoryType

The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to LOGICAL , you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon S3 or Amazon EFS paths visible to your users.

If HomeDirectoryType is LOGICAL , you must provide mappings, using the HomeDirectoryMappings parameter. If, on the other hand, HomeDirectoryType is PATH , you provide an absolute path using the HomeDirectory parameter. You cannot have both HomeDirectory and HomeDirectoryMappings in your template.

policy str

A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName} , ${Transfer:HomeDirectory} , and ${Transfer:HomeBucket} .

For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument.

For an example of a session policy, see Example session policy .

For more information, see AssumeRole in the AWS Security Token Service API Reference .

posix_profile UserPosixProfileArgs
Specifies the full POSIX identity, including user ID ( Uid ), group ID ( Gid ), and any secondary groups IDs ( SecondaryGids ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
ssh_public_keys Sequence[str]
This represents the SSH User Public Keys for CloudFormation resource
tags Sequence[TagArgs]
Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
user_name str
A unique string that identifies a user and is associated with a ServerId . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
role This property is required. String
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
serverId This property is required. String
A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
homeDirectory String

The landing directory (folder) for a user when they log in to the server using the client.

A HomeDirectory example is /bucket_name/home/mydirectory .

The HomeDirectory parameter is only used if HomeDirectoryType is set to PATH .

homeDirectoryMappings List<Property Map>

Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in Target . This value can be set only when HomeDirectoryType is set to LOGICAL .

The following is an Entry and Target pair example.

[ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]

In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (" chroot "). To do this, you can set Entry to / and set Target to the value the user should see for their home directory when they log in.

The following is an Entry and Target pair example for chroot .

[ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]

homeDirectoryType "PATH" | "LOGICAL"

The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to LOGICAL , you need to provide mappings in the HomeDirectoryMappings for how you want to make Amazon S3 or Amazon EFS paths visible to your users.

If HomeDirectoryType is LOGICAL , you must provide mappings, using the HomeDirectoryMappings parameter. If, on the other hand, HomeDirectoryType is PATH , you provide an absolute path using the HomeDirectory parameter. You cannot have both HomeDirectory and HomeDirectoryMappings in your template.

policy String

A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName} , ${Transfer:HomeDirectory} , and ${Transfer:HomeBucket} .

For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument.

For an example of a session policy, see Example session policy .

For more information, see AssumeRole in the AWS Security Token Service API Reference .

posixProfile Property Map
Specifies the full POSIX identity, including user ID ( Uid ), group ID ( Gid ), and any secondary groups IDs ( SecondaryGids ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
sshPublicKeys List<String>
This represents the SSH User Public Keys for CloudFormation resource
tags List<Property Map>
Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
userName String
A unique string that identifies a user and is associated with a ServerId . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.

Outputs

All input properties are implicitly available as output properties. Additionally, the User resource produces the following output properties:

Arn string

The Amazon Resource Name associated with the user, in the form arn:aws:transfer:region: *account-id* :user/ *server-id* / *username* .

An example of a user ARN is: arn:aws:transfer:us-east-1:123456789012:user/user1 .

Id string
The provider-assigned unique ID for this managed resource.
Arn string

The Amazon Resource Name associated with the user, in the form arn:aws:transfer:region: *account-id* :user/ *server-id* / *username* .

An example of a user ARN is: arn:aws:transfer:us-east-1:123456789012:user/user1 .

Id string
The provider-assigned unique ID for this managed resource.
arn String

The Amazon Resource Name associated with the user, in the form arn:aws:transfer:region: *account-id* :user/ *server-id* / *username* .

An example of a user ARN is: arn:aws:transfer:us-east-1:123456789012:user/user1 .

id String
The provider-assigned unique ID for this managed resource.
arn string

The Amazon Resource Name associated with the user, in the form arn:aws:transfer:region: *account-id* :user/ *server-id* / *username* .

An example of a user ARN is: arn:aws:transfer:us-east-1:123456789012:user/user1 .

id string
The provider-assigned unique ID for this managed resource.
arn str

The Amazon Resource Name associated with the user, in the form arn:aws:transfer:region: *account-id* :user/ *server-id* / *username* .

An example of a user ARN is: arn:aws:transfer:us-east-1:123456789012:user/user1 .

id str
The provider-assigned unique ID for this managed resource.
arn String

The Amazon Resource Name associated with the user, in the form arn:aws:transfer:region: *account-id* :user/ *server-id* / *username* .

An example of a user ARN is: arn:aws:transfer:us-east-1:123456789012:user/user1 .

id String
The provider-assigned unique ID for this managed resource.

Supporting Types

Tag
, TagArgs

Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag
key This property is required. string
The key name of the tag
value This property is required. string
The value of the tag
key This property is required. str
The key name of the tag
value This property is required. str
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag

UserHomeDirectoryMapEntry
, UserHomeDirectoryMapEntryArgs

Entry This property is required. string
Represents an entry for HomeDirectoryMappings .
Target This property is required. string
Represents the map target that is used in a HomeDirectoryMapEntry .
Type Pulumi.AwsNative.Transfer.UserMapType

Specifies the type of mapping. Set the type to FILE if you want the mapping to point to a file, or DIRECTORY for the directory to point to a directory.

By default, home directory mappings have a Type of DIRECTORY when you create a Transfer Family server. You would need to explicitly set Type to FILE if you want a mapping to have a file target.

Entry This property is required. string
Represents an entry for HomeDirectoryMappings .
Target This property is required. string
Represents the map target that is used in a HomeDirectoryMapEntry .
Type UserMapType

Specifies the type of mapping. Set the type to FILE if you want the mapping to point to a file, or DIRECTORY for the directory to point to a directory.

By default, home directory mappings have a Type of DIRECTORY when you create a Transfer Family server. You would need to explicitly set Type to FILE if you want a mapping to have a file target.

entry This property is required. String
Represents an entry for HomeDirectoryMappings .
target This property is required. String
Represents the map target that is used in a HomeDirectoryMapEntry .
type UserMapType

Specifies the type of mapping. Set the type to FILE if you want the mapping to point to a file, or DIRECTORY for the directory to point to a directory.

By default, home directory mappings have a Type of DIRECTORY when you create a Transfer Family server. You would need to explicitly set Type to FILE if you want a mapping to have a file target.

entry This property is required. string
Represents an entry for HomeDirectoryMappings .
target This property is required. string
Represents the map target that is used in a HomeDirectoryMapEntry .
type UserMapType

Specifies the type of mapping. Set the type to FILE if you want the mapping to point to a file, or DIRECTORY for the directory to point to a directory.

By default, home directory mappings have a Type of DIRECTORY when you create a Transfer Family server. You would need to explicitly set Type to FILE if you want a mapping to have a file target.

entry This property is required. str
Represents an entry for HomeDirectoryMappings .
target This property is required. str
Represents the map target that is used in a HomeDirectoryMapEntry .
type UserMapType

Specifies the type of mapping. Set the type to FILE if you want the mapping to point to a file, or DIRECTORY for the directory to point to a directory.

By default, home directory mappings have a Type of DIRECTORY when you create a Transfer Family server. You would need to explicitly set Type to FILE if you want a mapping to have a file target.

entry This property is required. String
Represents an entry for HomeDirectoryMappings .
target This property is required. String
Represents the map target that is used in a HomeDirectoryMapEntry .
type "FILE" | "DIRECTORY"

Specifies the type of mapping. Set the type to FILE if you want the mapping to point to a file, or DIRECTORY for the directory to point to a directory.

By default, home directory mappings have a Type of DIRECTORY when you create a Transfer Family server. You would need to explicitly set Type to FILE if you want a mapping to have a file target.

UserHomeDirectoryType
, UserHomeDirectoryTypeArgs

Path
PATH
Logical
LOGICAL
UserHomeDirectoryTypePath
PATH
UserHomeDirectoryTypeLogical
LOGICAL
Path
PATH
Logical
LOGICAL
Path
PATH
Logical
LOGICAL
PATH
PATH
LOGICAL
LOGICAL
"PATH"
PATH
"LOGICAL"
LOGICAL

UserMapType
, UserMapTypeArgs

File
FILE
Directory
DIRECTORY
UserMapTypeFile
FILE
UserMapTypeDirectory
DIRECTORY
File
FILE
Directory
DIRECTORY
File
FILE
Directory
DIRECTORY
FILE
FILE
DIRECTORY
DIRECTORY
"FILE"
FILE
"DIRECTORY"
DIRECTORY

UserPosixProfile
, UserPosixProfileArgs

Gid This property is required. double
The POSIX group ID used for all EFS operations by this user.
Uid This property is required. double
The POSIX user ID used for all EFS operations by this user.
SecondaryGids List<double>
The secondary POSIX group IDs used for all EFS operations by this user.
Gid This property is required. float64
The POSIX group ID used for all EFS operations by this user.
Uid This property is required. float64
The POSIX user ID used for all EFS operations by this user.
SecondaryGids []float64
The secondary POSIX group IDs used for all EFS operations by this user.
gid This property is required. Double
The POSIX group ID used for all EFS operations by this user.
uid This property is required. Double
The POSIX user ID used for all EFS operations by this user.
secondaryGids List<Double>
The secondary POSIX group IDs used for all EFS operations by this user.
gid This property is required. number
The POSIX group ID used for all EFS operations by this user.
uid This property is required. number
The POSIX user ID used for all EFS operations by this user.
secondaryGids number[]
The secondary POSIX group IDs used for all EFS operations by this user.
gid This property is required. float
The POSIX group ID used for all EFS operations by this user.
uid This property is required. float
The POSIX user ID used for all EFS operations by this user.
secondary_gids Sequence[float]
The secondary POSIX group IDs used for all EFS operations by this user.
gid This property is required. Number
The POSIX group ID used for all EFS operations by this user.
uid This property is required. Number
The POSIX user ID used for all EFS operations by this user.
secondaryGids List<Number>
The secondary POSIX group IDs used for all EFS operations by this user.

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-aws-native