Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Synopsis
- data DescribedUser = DescribedUser' {
- homeDirectory :: Maybe Text
- homeDirectoryMappings :: Maybe (NonEmpty HomeDirectoryMapEntry)
- homeDirectoryType :: Maybe HomeDirectoryType
- policy :: Maybe Text
- posixProfile :: Maybe PosixProfile
- role' :: Maybe Text
- sshPublicKeys :: Maybe [SshPublicKey]
- tags :: Maybe (NonEmpty Tag)
- userName :: Maybe Text
- arn :: Text
- newDescribedUser :: Text -> DescribedUser
- describedUser_homeDirectory :: Lens' DescribedUser (Maybe Text)
- describedUser_homeDirectoryMappings :: Lens' DescribedUser (Maybe (NonEmpty HomeDirectoryMapEntry))
- describedUser_homeDirectoryType :: Lens' DescribedUser (Maybe HomeDirectoryType)
- describedUser_policy :: Lens' DescribedUser (Maybe Text)
- describedUser_posixProfile :: Lens' DescribedUser (Maybe PosixProfile)
- describedUser_role :: Lens' DescribedUser (Maybe Text)
- describedUser_sshPublicKeys :: Lens' DescribedUser (Maybe [SshPublicKey])
- describedUser_tags :: Lens' DescribedUser (Maybe (NonEmpty Tag))
- describedUser_userName :: Lens' DescribedUser (Maybe Text)
- describedUser_arn :: Lens' DescribedUser Text
Documentation
data DescribedUser Source #
Describes the properties of a user that was specified.
See: newDescribedUser
smart constructor.
DescribedUser' | |
|
Instances
Create a value of DescribedUser
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:homeDirectory:DescribedUser'
, describedUser_homeDirectory
- The landing directory (folder) for a user when they log in to the server
using the client.
A HomeDirectory
example is /bucket_name/home/mydirectory
.
$sel:homeDirectoryMappings:DescribedUser'
, describedUser_homeDirectoryMappings
- Logical directory mappings that specify what Amazon S3 or Amazon EFS
paths and keys should be visible to your user and how you want to make
them visible. You must specify the Entry
and Target
pair, where
Entry
shows how the path is made visible and Target
is the actual
Amazon S3 or Amazon EFS path. If you only specify a target, it is
displayed as is. You also must ensure that your Identity and Access
Management (IAM) role provides access to paths in Target
. This value
can be set only when HomeDirectoryType
is set to LOGICAL.
In most cases, you can use this value instead of the session policy to
lock your user down to the designated home directory ("chroot
"). To
do this, you can set Entry
to '/' and set Target
to the
HomeDirectory parameter value.
$sel:homeDirectoryType:DescribedUser'
, describedUser_homeDirectoryType
- The type of landing directory (folder) that you want your users' home
directory to be when they log in to the server. If you set it to PATH
,
the user will see the absolute Amazon S3 bucket or EFS paths as is in
their file transfer protocol clients. If you set it LOGICAL
, you need
to provide mappings in the HomeDirectoryMappings
for how you want to
make Amazon S3 or Amazon EFS paths visible to your users.
$sel:policy:DescribedUser'
, describedUser_policy
- A session policy for your user so that you can use the same Identity and
Access Management (IAM) role across multiple users. This policy scopes
down a user's access to portions of their Amazon S3 bucket. Variables
that you can use inside this policy include ${Transfer:UserName}
,
${Transfer:HomeDirectory}
, and ${Transfer:HomeBucket}
.
$sel:posixProfile:DescribedUser'
, describedUser_posixProfile
- Specifies the full POSIX identity, including user ID (Uid
), group ID
(Gid
), and any secondary groups IDs (SecondaryGids
), that controls
your users' access to your Amazon Elastic File System (Amazon EFS) file
systems. The POSIX permissions that are set on files and directories in
your file system determine the level of access your users get when
transferring files into and out of your Amazon EFS file systems.
$sel:role':DescribedUser'
, describedUser_role
- The Amazon Resource Name (ARN) of the Identity and Access Management
(IAM) role that controls your users' access to your Amazon S3 bucket or
Amazon EFS file system. The policies attached to this role determine the
level of access that you want to provide your users when transferring
files into and out of your Amazon S3 bucket or Amazon EFS file system.
The IAM role should also contain a trust relationship that allows the
server to access your resources when servicing your users' transfer
requests.
$sel:sshPublicKeys:DescribedUser'
, describedUser_sshPublicKeys
- Specifies the public key portion of the Secure Shell (SSH) keys stored
for the described user.
$sel:tags:DescribedUser'
, describedUser_tags
- Specifies the key-value pairs for the user requested. Tag can be used to
search for and group users for a variety of purposes.
$sel:userName:DescribedUser'
, describedUser_userName
- Specifies the name of the user that was requested to be described. User
names are used for authentication purposes. This is the string that will
be used by your user when they log in to your server.
$sel:arn:DescribedUser'
, describedUser_arn
- Specifies the unique Amazon Resource Name (ARN) for the user that was
requested to be described.
describedUser_homeDirectory :: Lens' DescribedUser (Maybe Text) Source #
The landing directory (folder) for a user when they log in to the server using the client.
A HomeDirectory
example is /bucket_name/home/mydirectory
.
describedUser_homeDirectoryMappings :: Lens' DescribedUser (Maybe (NonEmpty HomeDirectoryMapEntry)) Source #
Logical directory mappings that specify what Amazon S3 or Amazon EFS
paths and keys should be visible to your user and how you want to make
them visible. You must specify the Entry
and Target
pair, where
Entry
shows how the path is made visible and Target
is the actual
Amazon S3 or Amazon EFS path. If you only specify a target, it is
displayed as is. You also must ensure that your Identity and Access
Management (IAM) role provides access to paths in Target
. This value
can be set only when HomeDirectoryType
is set to LOGICAL.
In most cases, you can use this value instead of the session policy to
lock your user down to the designated home directory ("chroot
"). To
do this, you can set Entry
to '/' and set Target
to the
HomeDirectory parameter value.
describedUser_homeDirectoryType :: Lens' DescribedUser (Maybe HomeDirectoryType) Source #
The type of landing directory (folder) that you want your users' home
directory to be when they log in to the server. If you set it to PATH
,
the user will see the absolute Amazon S3 bucket or EFS paths as is in
their file transfer protocol clients. If you set it LOGICAL
, you need
to provide mappings in the HomeDirectoryMappings
for how you want to
make Amazon S3 or Amazon EFS paths visible to your users.
describedUser_policy :: Lens' DescribedUser (Maybe Text) Source #
A session policy for your user so that you can use the same Identity and
Access Management (IAM) role across multiple users. This policy scopes
down a user's access to portions of their Amazon S3 bucket. Variables
that you can use inside this policy include ${Transfer:UserName}
,
${Transfer:HomeDirectory}
, and ${Transfer:HomeBucket}
.
describedUser_posixProfile :: Lens' DescribedUser (Maybe PosixProfile) Source #
Specifies the full POSIX identity, including user ID (Uid
), group ID
(Gid
), and any secondary groups IDs (SecondaryGids
), that controls
your users' access to your Amazon Elastic File System (Amazon EFS) file
systems. The POSIX permissions that are set on files and directories in
your file system determine the level of access your users get when
transferring files into and out of your Amazon EFS file systems.
describedUser_role :: Lens' DescribedUser (Maybe Text) Source #
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.
describedUser_sshPublicKeys :: Lens' DescribedUser (Maybe [SshPublicKey]) Source #
Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.
describedUser_tags :: Lens' DescribedUser (Maybe (NonEmpty Tag)) Source #
Specifies the key-value pairs for the user requested. Tag can be used to search for and group users for a variety of purposes.
describedUser_userName :: Lens' DescribedUser (Maybe Text) Source #
Specifies the name of the user that was requested to be described. User names are used for authentication purposes. This is the string that will be used by your user when they log in to your server.
describedUser_arn :: Lens' DescribedUser Text Source #
Specifies the unique Amazon Resource Name (ARN) for the user that was requested to be described.