AWS Transfer Family enables Source IP as a factor for authorization

Posted on: Jun 10, 2020

AWS Transfer Family adds support for using end users’ Source IP addresses as a factor for authorization, enabling you to apply an additional layer of security when authorizing access over Secure File Transfer Protocol (SFTP), File Transfer Protocol over SSL (FTPS), or FTP.  

AWS Transfer Family simplifies migration of file transfer workflows to AWS, without needing to modify end user credentials, scripts, network configurations, or manage servers. When using an identity provider to authenticate and authorize end users, in addition to validating their credentials, you can now allow, deny, or limit access based on the IP addresses of clients used by your end users. This enables you to ensure that data stored in your Amazon S3 buckets can be accessed over the supported protocols only from IP addresses that you have specified as trusted. 

This new feature is available in all Regions where AWS Transfer Family is available. To learn more, visit the AWS Transfer Family product page, user guide, and get started in the AWS Console