Overview
SFTPGo allows you to securely share your files over SFTP and optionally over HTTP/S, FTP/S and WebDAV as well.
With SFTPGo you can leverage the reliability and scale of Amazon S3 (and other storage providers) for exchanging and storing files internally or with business partners using the same tools and processes you are already familiar with.
Several storage backends are supported and they are configurable per-user, so you can serve a local directory for a user and an S3 bucket (or part of it) for another one.
SFTPGo also supports virtual folders, a virtual folder can use any of the supported storage backends. So you can have, for example, a user with the S3 backend mapping a Google Cloud Storage bucket (or part of it) on a specified path and an encrypted local filesystem on another one. Virtual folders can be private or shared among multiple users, for shared virtual folders you can define different quota limits for each user.
The WebClient user interface allows end users to change their credentials, browse and manage their files in the browser and setup two-factor authentication which works with Authy, Google Authenticator and other compatible apps.
Using the WebClient each authorized user can create HTTP/S links to externally share files and folders securely, by setting limits to the number of downloads/uploads, protecting the share with a password, limiting access by source IP address, setting an automatic expiration date.
Other notable features:
- REST API.
- Web based administration interface to easily manage users, groups, folders and connections.
- Integration with external identity providers via OpenID Connect.
- Simplified user administrations using groups.
- Custom workflows based on server events or schedules.
- ACME protocol is supported: you can obtain and automatically renew TLS certificates for HTTPS, WebDAV and FTPS.
- Branding: the web UIs can be customized to match your brand.
- Configurable custom commands and/or HTTP notifications on upload, pre-upload, download, pre-download, delete, pre-delete, rename, mkdir, rmdir and on user add, update and delete.
- Chroot isolation for local accounts. Cloud-based accounts can be restricted to a certain base path.
- Per-user and per-directory virtual permissions.
- Public key and password authentication. Multiple public keys per user are supported.
- Multi-factor authentication and multi-step authentication.
- Disk quota and bandwidth throttling.
- Data transfer bandwidth limits, with total limit or separate settings for uploads and downloads and overrides based on the client's IP address. Limits can be reset using the REST API.
- Per-protocol rate limiting.
- Per-user and global IP filters.
- Automatic blocklist.
- SQLite, MySQL, PostgreSQL, CockroachDB, Bolt (embedded key/value store) and in-memory data providers are supported.
Highlights
- Local storage, S3, Google Cloud, Azure Blob over SFTP/HTTP/FTP/WebDAV
- Custom workflows based on server events or schedules
- Highly customizable and extensible to suit your needs
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/unit/hour |
---|---|---|
Hours | Container Hours | $0.05 |
Vendor refund policy
This is a placeholder value. Please update this value via the AWS Marketplace Management Portal.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
v2.6.4
- Amazon ECS
- Amazon EKS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
Run the container using an IAM role with the following permissions:
- AWSMarketplaceMeteringRegisterUsage, required for AWS marketplace integration.
- SecretsManagerReadWrite, required to store and retrieve the initial installation code.
The container uses the following TCP ports:
- 8080, for the web UI
- 2022, for the SFTP service
Volumes:
- "/srv/sftpgo" provides storage for local SFTPGo users and backups
- "/var/lib/sftpgo", is the container working directory, the SFTPGo embedded database and the SFTP host keys will be created here when using the default configuration
To access SFTPGo after launching the container, simply open http://<instance IP>:8080/web/admin in your browser, create the first admin user and start using SFTPGo.
Please see our documentation for more detailed usage instructions.
- https://docs.sftpgo.com/latest/docker/
- https://docs.sftpgo.com/latest/initial-configuration/#initial-configuration
- https://docs.sftpgo.com/latest/tutorials/lets-encrypt-certificate/
- https://docs.sftpgo.com/latest/tutorials/two-factor-authentication/
- https://docs.sftpgo.com/latest/features/
This container is based on the Debian stable based image with all the optional dependencies and plugins installed.
Resources
Support
Vendor support
We, the authors of the SFTPGo open source project, offer free email support for basic configuration customization and basic troubleshooting. You can get in touch with us at support@sftpgo.com . We also offer paid support plans for more advanced support, in-depth troubleshooting and product customization. Please always include your AWS Account ID in support requests.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.