When creating a scope-down policy for users in an AWS Transfer SFTP server, one can use the policy variables ${transfer:HomeFolder} and ${transfer:HomeDirectory} in that policy, according to the documentation. However, I couldn't find any description of what the difference between the two is. Can someone explain, or link to relevant documentation?
Different between transfer:HomeFolder and transfer:HomeDirectory in AWS policies
7.3k Views Asked by Björn Pollex At
1
There are 1 best solutions below
Related Questions in AMAZON-S3
- How to grant privileges to current user
- Drop DB2 database if exist
- DB2, Hibernate, JPA: Schema does not exist
- Can you check for a DB2 license in C#?
- DB2 Join Query that Maximizes Column
- How to access a Row Type within an Array Type in DB2 SQL PL
- IBM DB2 native encryption applied on live database
- Using an ODBC connection in Access get retrieve data from DB2
- join 2 tables and get some columns from 1st table and max timestamp value from second table
- How to connect to DB2 SQL database with node JS?
Related Questions in AWS-SFTP
- How to grant privileges to current user
- Drop DB2 database if exist
- DB2, Hibernate, JPA: Schema does not exist
- Can you check for a DB2 license in C#?
- DB2 Join Query that Maximizes Column
- How to access a Row Type within an Array Type in DB2 SQL PL
- IBM DB2 native encryption applied on live database
- Using an ODBC connection in Access get retrieve data from DB2
- join 2 tables and get some columns from 1st table and max timestamp value from second table
- How to connect to DB2 SQL database with node JS?
Related Questions in AWS-POLICIES
- How to grant privileges to current user
- Drop DB2 database if exist
- DB2, Hibernate, JPA: Schema does not exist
- Can you check for a DB2 license in C#?
- DB2 Join Query that Maximizes Column
- How to access a Row Type within an Array Type in DB2 SQL PL
- IBM DB2 native encryption applied on live database
- Using an ODBC connection in Access get retrieve data from DB2
- join 2 tables and get some columns from 1st table and max timestamp value from second table
- How to connect to DB2 SQL database with node JS?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The difference is kind of implied by the example on that page.
${transfer:HomeFolder}is just the key prefix (e.g.,/my-folder/sub-folder), while${transfer:HomeDirectory}also contains the bucket name (e.g.,/my-bucket/my-folder/sub-folder).AWS Transfer for SFTP recently added support for Logical Home Directories, which you can use to provide a "chroot-like" behavior and lock down your users access to a designated home folder. So if all you're trying to do is restrict a user to a single S3 folder, edit the user's profile in the AWS Transfer console and click the "Restricted" check box. Then you don't have to mess with scopedown policies at all.
If you’re using Custom IDP, follow this blog for a similar set up:
https://aws.amazon.com/blogs/storage/simplify-your-aws-sftp-structure-with-chroot-and-logical-directories/