All BucketBridge configuration is performed via the AWS Systems Manager Parameter Store. All configuration must be encrypted using KMS. If you started BucketBridge via our provided quickstart CloudFormation template a KMS key has been created for this purpose.
Visit the Systems Manager Parameter Store page in the AWS console, and ensure that the region you launched the CloudFormation template in is selected in the upper-right corner.
You must prefix the username you are creating with
bucketbridge is the name of the CloudFormation stack you created earlier. Ensure
that Type is set to SecureString, and that you have selected the KMS key
created by the CloudFormation template. BucketBridge does not have access to use
other KMS keys, and will not be able to encrypt the data if an alternate key is
For example, to create a user with the username
fred and password
agreatpasswordreallythebest for a BucketBridge instance create in a stack
named bucketbridge, you would:
/bucketbridge/user/fredin the Name box
- Select SecureString under Type
- Select KMS key source of My current account
- Select the KMS key ID you created via the CloudFormation template
agreatpasswordreallythebestin the Value box
- Click Create Parameter
Resetting user password
To reset a user’s password, select the user from the parameter list and then Edit. Enter the new password in the Value box, and click Save Changes.
To delete a user, select the user from the parameter list and then Delete. Note that existing FTP sessions will not be disconnected on deletion.
Advanced: Adding multiple users
As above, you need to ensure all users created are done so with the string
/bucketbridge/user/ at the start.
Advanced: Using BucketBridge with multiple S3 Buckets
A single BucketBridge instance can be used with multiple S3 buckets. To do this,
you must create the S3 buckets separately, and ensure that the BucketBridge role
has appropriate permissions to access these buckets.
To set the S3 Bucket to be used for a given user, add a KMS encrypted parameter
of the name
bucketbridge is the name of the
CloudFormation stack, and
fred is the name of the user. The Value for the
parameter should be set to the name of the bucket you wish the user to access.