This Guidance shows how to automate file scanning to protect against malicious content in business-to-business (B2B) file transfers across various industries and regulatory environments. If not detected, malware in inventory data, invoices, or compliance information can compromise your system, cause data breaches, or lead to ransomware events. By using AWS Transfer Family and other AWS services, you can automatically preprocess, scan, and validate incoming files to make sure they are free of malware threats. As a result, you can protect the integrity of your data, safeguard against potential financial losses and reputational damage, and instill confidence in your business interactions.

Architecture Diagram

[Architecture diagram description]

Well-Architected Pillars

The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

  • Operational Excellence: Amazon CloudWatch provides detailed, real-time logging for monitoring and visualization, storing data that can be useful in auditing and troubleshooting. CodeBuild provides DevOps automation, and Lambda automates serverless event processing. Together, these services enhance operational excellence by automating workflows, enabling secure data transfers, offering real-time insights, and providing efficient, agile, and robust resource management.
  • Security: Transfer Family provides a secure method for file transfers, reducing the risk of data breaches during transit through in-transit encryption. IAM provides fine-grained access control so that only authorized entities can access resources. Amazon S3 encrypts data at rest, and bucket policies let you control access at bucket and object level.
  • Reliability: Amazon S3 provides durable storage with 99.999999999% (11 nines) durability so that data remains intact and accessible. The Lambda functions that process events are serverless, so they automatically scale based on workflow volume and processing needs to deliver consistent performance. CloudWatch monitors the environment and can invoke alarms for any anomalies.
  • Performance Efficiency: Transfer Family, CloudWatch, CodeBuild, Amazon S3, EventBridge, and Lambda work together to improve performance efficiency. These services—which automate workflows, provide real-time monitoring, and enable scalable computing and storage—collectively optimize resource usage, enhance system responsiveness, and streamline overall operations.
  • Cost Optimization: With Transfer Family, you only pay for the amount of data you transfer, so you can avoid the overhead of traditional file-transfer infrastructures. Additionally, you can use cost-effective Amazon S3 storage tiers, which enable you to optimize storage costs based on your access patterns and needs. Finally, Lambda provides a pay-as-you-go model, so you only pay for the compute time you consume, and EventBridge only uses event-based compute.
  • Sustainability: As serverless services, Transfer Family and Lambda both provide automatic scaling so that resources match actual demand, leading to efficient utilization and reduced energy consumption. For example, Lambda automatically scales with the number of file transfers. Additionally, EventBridge runs compute only in response to events, helping you further avoid continuous consumption of resources. Finally, Amazon S3 Intelligent-Tiering supports sustainable data storage by dynamically adjusting storage tiers based on access patterns to avoid overprovisioning and reduce your environmental impact.

Disclaimer

The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.

References to third-party services or organizations in this Guidance do not imply an endorsement, sponsorship, or affiliation between Amazon or AWS and the third party. Guidance from AWS is a technical starting point, and you can customize your integration with third-party services when you deploy the architecture.
