AWS Storage Blog
Tag: AWS Transfer Family Authorization
Simplify Active Directory authentication with a custom identity provider for AWS Transfer Family
The secure exchange of files business-to-business is a common and important business practice in highly regulated industries. As organizations grow, maintaining separate user credentials for various platforms, such as file transfer services, can become increasingly complex and time-consuming. As customers build out Managed File Transfer (MFT) environments, often they end up having to create separate, […]
How to securely share application log files with third parties
What do we do when our applications fail, and we must provide instance-level log data to external entities for troubleshooting purposes? It’s best to limit direct human interaction with our production resources, so we often see temporary access provided for a fixed period. For highly regulated industries, the approval process for production access can be […]
Enabling user self-service key management with AWS Transfer Family and AWS Lambda
Customers who use the AWS Transfer Family service are typically exchanging files with their business partners who provide them with SSH public keys. In a large-scale deployment of the AWS Transfer Family service, public key management eventually becomes a time-consuming task to refresh expired keys and rotate keys for security. When using custom identity providers (custom IdP), […]
Enhance data access control with AWS Transfer Family and Amazon S3 Access Points
Sharing data is at the core of collaboration efforts sparking innovation. Many industries rely on secure data access solutions that scale with their business. From pharmaceutical companies exchanging research data with partners in Amazon S3, to financial customers migrating and modernizing transaction data with traditional file transfer protocols, there is a persistent ask for fine-grained […]
Announcing the open-source release of Web Client for AWS Transfer Family
AWS customers look for ways to simplify access to corporate SFTP environments by enabling end users with familiar and supported browser-based user interfaces. Traditional approaches when using commercial or open-source FTP software packages present various challenges. First, corporate IT resources have to install and maintain software packages across end-user devices and operating systems. Secondly, end […]
Using Okta as an identity provider with AWS Transfer Family and Amazon EFS
Earlier this year, AWS Transfer Family launched support for Amazon EFS. With this update, you can grant your end users access to files stored in Amazon EFS file systems using any of the protocols supported by Transfer Family. However, if you use Okta as the identity provider, there are additional considerations during setup. For example, […]
Enable password authentication for AWS Transfer Family using AWS Secrets Manager (updated)
This blog post was published as an update to another blog post, “Enable password authentication for AWS Transfer for SFTP using AWS Secrets Manager.” Update (1/25/2023): The format used for the AWS Secrets Manager entry has been changed to aws/transfer/server-id/username. This brings the format in-line with the requirements for pre-defined managed workflow like PGP decryption, […]
Simplify your AWS SFTP Structure with chroot and logical directories
UPDATE: The AWS CloudFormation template link provided in the “Try it for yourself” section was updated on 11/5/2020. Correspondingly, the blog post mentioned in the opening paragraph and shortly after the CloudFormation template as “my last blog post” has also been updated. In my last blog post, I showed how you can easily setup AWS […]
Using AWS SFTP logical directories to build a simple data distribution service
We launched the AWS Transfer for SFTP (AWS SFTP) service in November of 2018, and it has since been adopted by many organizations to enable secure SFTP access to data hosted in Amazon S3. At AWS, we are continuously iterating on our services, and many of our customers have told us that they would like […]
Enable password authentication for AWS Transfer for SFTP using AWS Secrets Manager
UPDATE: An updated version of this post was published on 11/5/2020. Please refer to that post for the most up-to-date content. Last year at re:Invent we launched AWS Transfer for SFTP (AWS SFTP), a fully managed service that makes it easy to migrate your file transfer workflows to AWS, without changing applications or clients. You […]