Posted On: Mar 27, 2019
AWS customers can now configure and use AWS Transfer for SFTP (AWS SFTP) within their Amazon Virtual Private Cloud (Amazon VPC) using VPC endpoints, without using public IP addresses or traversing the internet. VPC endpoints for AWS SFTP are powered by AWS PrivateLink, which provides secure, private connectivity between VPCs and AWS services.
AWS SFTP enables you to move SFTP file transfer workloads to AWS without needing to modify applications or manage any servers. PrivateLink support helps improve security for internal applications that need SFTP access to Amazon S3. When you create or update an AWS SFTP server, you can specify whether your server endpoint should be public or accessible only to SFTP clients in your VPC. You can also access the VPC endpoint from on-premises environments or from other VPCs using AWS VPN, AWS Direct Connect, or VPC Peering.
Additionally, you can now deploy a Network Load Balancer (NLB) in front of your SFTP server’s VPC endpoint and associate Elastic IP addresses with it, enabling your end users to whitelist your SFTP server’s IP addresses.