AWS Transfer Family adds pre-defined security policies to choose cryptographic algorithms
AWS Transfer Family now offers pre-defined security policies to control cryptographic algorithms used for communication between your end users’ file transfer clients and AWS Transfer Family server endpoints, helping you meet your organization’s requirements for security and compatibility.
AWS Transfer Family provides fully managed support for Secure File Transfer Protocol (SFTP), File Transfer Protocol (FTP) over SSL, and FTP into and out of Amazon S3. With this launch, you can select one of three security policies to control the cryptographic algorithms that will be advertised by your server endpoints: Transfer-Security-Policy-2018-11 (default), Transfer-Security-Policy-2020-06 (restrictive – No SHA-1 algorithms), and Transfer-FIPS-2020-06 (FIPS compliant algorithms). When your end users’ file transfer clients attempt to connect to your server, only the algorithms specified in the policy will be used to negotiate the connection.
This new feature is available in all Regions where AWS Transfer Family is available. To learn more, visit the AWS Transfer Family product page and view the user guide on Security Policies. Access the AWS Transfer Family Console to get started.