Differences
This shows you the differences between the selected revisions of the page.
| guide_amazon_s3_sftp 2018-12-10 | guide_amazon_s3_sftp 2023-05-30 (current) | ||
| Line 4: | Line 4: | ||
| If you need to access/manage files stored on Amazon S3 (Simple Storage Service) bucket via SFTP, there are two options. You can use a native managed SFTP service recently added by Amazon (which is easier to set up). Or you can mount the bucket to a file system on a Linux server and access the files using the SFTP as any other files on the server (which gives you greater control). | If you need to access/manage files stored on Amazon S3 (Simple Storage Service) bucket via SFTP, there are two options. You can use a native managed SFTP service recently added by Amazon (which is easier to set up). Or you can mount the bucket to a file system on a Linux server and access the files using the SFTP as any other files on the server (which gives you greater control). | ||
| - | ===== Managed SFTP Service ===== | + | ===== [[managed]] Managed SFTP Service ===== |
| ==== Creating Managed SFTP Server ==== | ==== Creating Managed SFTP Server ==== | ||
| - | * To create a Managed SFTP server for S3, in your Amazon AWS Console, go to [[https://console.aws.amazon.com/transfer/|AWS Transfer for SFTP]] and create a new server (you can keep server options to their defaults for a start). | + | * To create a Managed SFTP server for S3, in your Amazon AWS Console, go to [[https://console.aws.amazon.com/transfer|AWS Transfer for SFTP]] and create a new server (you can keep server options to their defaults for a start). |
| * In SFTP server page, add a new SFTP user (or users). | * In SFTP server page, add a new SFTP user (or users). | ||
| - | * Permissions of users are governed by an associated [[https://console.aws.amazon.com/iam/|AWS role]] in IAM service. To create a role which has a full access to all your S3 buckets, just create an //S3// service role with //AmazonS3FullAccess// policy. \\ The role must have trust relationship to ''transfer.amazonaws.com''. On a role page, select //Trust relationships// tab, click //Edit trust relationship// button, and in the access control policy JSON document, change ''Statement[].Principal.Service'' value to ''transfer.amazonaws.com'':((Based on the answer by @ChristopherTull to [[https://stackoverflow.com/q/53642132/850848#53648926|Connecting to AWS Transfer for SFTP]] on Stack Overflow.)) \\ <code php> | + | * Permissions of users are governed by an associated [[https://console.aws.amazon.com/iamv2/#/roles|AWS role]] in IAM service. To create a role which has a full access to all your S3 buckets, just create an //S3// service role with //AmazonS3FullAccess// policy. \\ The role must have trust relationship to ''transfer.amazonaws.com''. On a role page, select //Trust relationships// tab, click //Edit trust relationship// button, and in the access control policy JSON document, change ''Statement[].Principal.Service'' value to ''transfer.amazonaws.com'':((Based on the answer by @ChristopherTull to [[https://stackoverflow.com/q/53642132/850848#53648926|Connecting to AWS Transfer for SFTP]] on Stack Overflow.)) \\ <code php> |
| { | { | ||
| "Version": "2012-10-17", | "Version": "2012-10-17", | ||
| Line 32: | Line 32: | ||
| The host name of the server can be found on the server page as //Endpoint// in a format ''server_id.server.transfer.region.amazonaws.com''. | The host name of the server can be found on the server page as //Endpoint// in a format ''server_id.server.transfer.region.amazonaws.com''. | ||
| - | ===== Mounting Bucket to Linux Server ===== | + | ===== [[mounting]] Mounting Bucket to Linux Server ===== |
| This guide shows how to mount the %%S3%% bucket using [[https://github.com/s3fs-fuse/s3fs-fuse|''s3fs'' file system]] to an Amazon EC2 server and access it using WinSCP. | This guide shows how to mount the %%S3%% bucket using [[https://github.com/s3fs-fuse/s3fs-fuse|''s3fs'' file system]] to an Amazon EC2 server and access it using WinSCP. | ||
| ==== Creating Access Server ==== | ==== Creating Access Server ==== | ||
| - | If you do not have a Linux server available for the mounting, [[https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/launching-instance.html|launch a new Amazon EC2 server]]. | + | If you do not have a Linux server available for the mounting, [[https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html|launch a new Amazon EC2 server]]. |
| A basic Amazon Linux AMI (free tier eligible) server will generally suffice and the following instructions are tested on this distribution. Instructions for other distributions may differ. | A basic Amazon Linux AMI (free tier eligible) server will generally suffice and the following instructions are tested on this distribution. Instructions for other distributions may differ. | ||
| Line 43: | Line 43: | ||
| ==== Installing s3fs ==== | ==== Installing s3fs ==== | ||
| - | Start by [[https://github.com/s3fs-fuse/s3fs-fuse#user-content-installation-from-pre-built-packages|installing ''s3fs'' file system]]. | + | Start by [[https://github.com/s3fs-fuse/s3fs-fuse#installation|installing ''s3fs'' file system]]. |
| ==== Mounting S3 Bucket to File System ==== | ==== Mounting S3 Bucket to File System ==== | ||