Posted On: Jan 10, 2020

AWS Transfer for SFTP (AWS SFTP) customers can now whitelist client IP addresses using Amazon Virtual Private Cloud (VPC) Security Groups, providing an additional layer of security to their SFTP servers. Customers can also associate Elastic IP addresses with their server’s endpoint, enabling end users behind firewalls to whitelist access to the endpoint. 

AWS SFTP enables the movement of Secure Shell File Transfer Protocol (SFTP) based workloads to AWS, without needing to modify applications, or manage any servers. When creating or updating an SFTP server, you can choose to host the endpoint within your VPC, associate Elastic IP addresses (including Bring Your Own IPs), and attach VPC Security Groups with rules to filter incoming traffic to your endpoint. This ensures that access is restricted to authenticated users whose requests originate from whitelisted IP addresses only. 

Additionally, you can use VPC Flow Logs for capturing your endpoint’s traffic information, and view your end users’ source IP addresses in Amazon CloudWatch.  

The new features are available in all regions where AWS SFTP is available. To learn more, visit the AWS SFTP website, or get started in the AWS Console