aws-sftp-poc

Expose S3 bucket as SFTP using terraform Integration tests using Kitchen terraform

Installation

• Pre-req. Install bundler:

brew update

brew install ruby
gem install bundler

• Install ruby dependencies:

bundle install

• Pre-req. Install terraform:

brew install terraform

• Check terraform fmt:

terraform fmt -check

Environment variables (dotenv)

copy .env.example as .env and edit the file populating it with the desired values

cp .env.example .env

Generate SSH Key for SFTP

ssh-keygen -f poc_sftp_ssh -t rsa
ssh-add -K poc_sftp_ssh
pbcopy < poc_sftp_ssh.pub

• Now the public key will be already in the clipboard, paste in as the value for POC_SFTP_USER_SSH env var

Load environment vars

source .env

Deployments and testing from local machine

Make sure in every backend.tf and provider.tf uncomment the lines:

   shared_credentials_file = "~/.aws/credentials"
   profile                 = "your_aws_profile_here"

Unless you export your AWS credentials as environment variables

Terraform Remote State

• How to create a S3 remote state bucket (once per remote state)

Kitchen Terraform

• Run kitchen terraform (converge + verify + destroy):

bundle exec dotenv kitchen test -d always

• Kitchen. Deploy only:

bundle exec dotenv kitchen converge

• Kitchen. Test only:

bundle exec dotenv kitchen verify

• Kitchen. Destroy only:

bundle exec dotenv kitchen destroy

Test sftp connectivity

Once terraform is finished it will output the sftp endpoint. To manually test it works (takes around 15-20 min after it finishes), deposit a file in the bucket and:

sftp -i poc_sftp_ssh {username}@{endpoint_here}
sftp> cd {bucket_name}
sftp> ls
sftp> get {filename}