cloudformation SFTP transfer service with custom hostname

0

First off, I am very new to AWS CloudFormation; I have been working on templates for a couple of months.

I am trying to create a CloudFormation template that creates an SFTP transfer service and adds a custom hostname. I was able to create the Route 53 hostname and it all works fine, with the exception that the AWS Transfer Family dashboard does not show the hostname for the server. I suspect it has to do with tags, as I found this doc. I am using a parameter to get the HostedZoneId and use it via HostedZoneId: !Ref HostedZoneIdParam in the SFTPServerDNSRecord resource. Is there a way to use that same parameter in a key/value, as in Key: aws:transfer:route53HostedZoneId Value: /hostedzone/!Ref HostedZoneIdParam?

Any assistance or guidance would be appreciated

3 Answers
0
Accepted Answer

Hello dnew@,

For Custom Hostname to show up on the Transfer console server dashboard, you'll have to add the Key/Value pairs aws:transfer:customHostname and aws:transfer:route53HostedZoneId within the Tags field of the server property.

I'll share an example CloudFormation template snippet below:

...
Parameters:
    HostedZoneID:
        Type: String
        Description: "Enter your R53 HostedZone-ID"
    CustomHostname:
        Type: String
        Description: "Enter your Custom Hostname"
Resources:
...
  SFTPServer:
    Type: 'AWS::Transfer::Server'
    Properties:
      Tags:
        - Key: "aws:transfer:customHostname"
          Value: !Ref CustomHostname
        - Key: "aws:transfer:route53HostedZoneId"
          Value: !Join [ '/', [ "/hostedzone", !Ref HostedZoneID] ]
...

The above should help you achieve your use-case. Let me know if you have questions.

References:

[1] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-server.html

-- Sagar

AWS
EXPERT
answered 2 years ago
  • Thank you for the answer and YES! That was the fix. However, my syntax was a little different. Yours looks cleaner than mine; can you explain the !Join syntax a bit? Like, is yours better/more acceptable than my code below? I found the syntax I used referencing the Fn::Join AWS documentation.

    Tags:
      - Key: Ownership
        Value: it_infrastructure
      - Key: aws:transfer:route53HostedZoneId
        Value: !Join
          - ''
          - - '/hostedzone/'
            - !Ref HostedZoneIdParam
      - Key: aws:transfer:customHostname
        Value: !Ref SFTPHostnameParam

  • Hello dnew@,

    Glad to hear that your issue is resolved. To your question, both syntaxes are correct and I believe it's just a matter of preference on which one you are more comfortable with.

    -- Sagar

  • For those that stumble upon this post in the future... the tag names have been updated to remove the restricted "aws:" prefix. The tag is now "transfer:customHostname"

    https://docs.aws.amazon.com/transfer/latest/userguide/requirements-dns.html#tag-custom-hostname-cdk

0

The following does add the custom host name but doesn't add the CNAME host record. I have tried all kinds of combinations; not sure what I am missing.

SftpServer:
    Type: 'AWS::Transfer::Server'
    Properties:
      Protocols: ['SFTP']
      IdentityProviderType: SERVICE_MANAGED
      EndpointType: PUBLIC
      Tags:
        - Key: transfer:route53HostedZoneId
          Value: !Join [ '/', [ "/hostedzone", !Ref HostedZoneIdParam] ]
        - Key: transfer:customHostname
          Value: !Ref CustomHostname
shyam
answered 7 months ago
0

Eventually I have to add this to Resources to add the custom host name to the hosted zone, if someone is struggling with this scenario:

myDNSRecord:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref HostedZoneIdParam
      Name: !Ref CustomHostname
      ResourceRecords:
        - !Join 
          - ''
          - - !GetAtt SftpServer.ServerId
            - '.server.transfer.'
            - !Ref AWS::Region
            - '.amazonaws.com'
      TTL: 300
      Type: CNAME
shyam
answered 7 months ago
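
A pre-deployment check for the three points raised across the answers above (both hostname tags present, the newer transfer: prefix, and a CNAME RecordSet that points at the server's ServerId), added here as an example and not part of any post. It assumes the template is in CloudFormation's JSON form already loaded as a dict and compares the record Name with the tag value structurally; the function names and the sample template are constructed for illustration.

```python
# Added example (not from the thread); function names are hypothetical.
TAGS = ("customHostname", "route53HostedZoneId")

def hostname_tags(server):
    """Map short tag name -> (full key, value), accepting either prefix."""
    found = {}
    for tag in server.get("Properties", {}).get("Tags", []):
        prefix, _, name = tag["Key"].rpartition(":")
        if prefix in ("transfer", "aws:transfer") and name in TAGS:
            found[name] = (tag["Key"], tag["Value"])
    return found

def uses_server_id(node, lid):
    """True if the intrinsic-function tree reads ServerId from resource lid."""
    if isinstance(node, dict):
        if node.get("Fn::GetAtt") in ([lid, "ServerId"], lid + ".ServerId"):
            return True
        node = list(node.values())
    return isinstance(node, list) and any(uses_server_id(n, lid) for n in node)

def lint(template):
    """Return findings for every AWS::Transfer::Server in the template."""
    resources, findings = template.get("Resources", {}), []
    for lid, res in resources.items():
        if res.get("Type") != "AWS::Transfer::Server":
            continue
        tags = hostname_tags(res)
        for name in TAGS:
            if name not in tags:
                findings.append(f"{lid}: missing tag transfer:{name}")
            elif tags[name][0].startswith("aws:"):
                findings.append(f"{lid}: {tags[name][0]} uses the old aws: prefix")
        if "customHostname" not in tags:
            continue
        host = tags["customHostname"][1]
        records = [r.get("Properties", {}) for r in resources.values()
                   if r.get("Type") == "AWS::Route53::RecordSet"]
        if not any(p.get("Type") == "CNAME" and p.get("Name") == host
                   and uses_server_id(p.get("ResourceRecords"), lid) for p in records):
            findings.append(f"{lid}: no CNAME record maps the custom hostname to ServerId")
    return findings

# Constructed sample: old-prefix tags and no RecordSet resource.
SAMPLE = {"Resources": {"SftpServer": {"Type": "AWS::Transfer::Server", "Properties": {"Tags": [
    {"Key": "aws:transfer:customHostname", "Value": {"Ref": "CustomHostname"}},
    {"Key": "aws:transfer:route53HostedZoneId",
     "Value": {"Fn::Join": ["/", ["/hostedzone", {"Ref": "HostedZoneIdParam"}]]}}]}}}}

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```
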
