AWS Transfer Family

Learn how to transfer files to AWS Storage services using SFTP, FTPS, FTP, and AS2 protocols.


The AWS Transfer Family is a service offered by Amazon Web Services (AWS) that provides secure and managed file transfer capabilities. It simplifies moving files to and from AWS Storage services like Amazon S3 or Amazon EFS. It transfers data securely over protocols such as SFTP and FTPS while integrating with existing security measures. This means we can migrate and automate file transfers without disrupting users or applications; everything works the same way behind the scenes.


It supports the following protocols:

  • SFTP (Secure File Transfer Protocol): This is a secure version of FTP (File Transfer Protocol) that encrypts both data and commands during transfer, ensuring confidentiality and integrity.

  • FTPS (FTP Secure): Another secure option that uses TLS/SSL for encryption, providing a secure channel for file transfers.

  • FTP (File Transfer Protocol): While not inherently secure, it’s still an option for transferring non-sensitive data.

  • AS2 (Applicability Statement 2): Specifically designed for secure and reliable transfer of EDI (Electronic Data Interchange) transactions.

How AWS Transfer Family works

Here’s a general workflow for how AWS Transfer Family facilitates secure file transfer between on-premises servers and AWS storage services:

  1. Setup: We configure a server endpoint within the Transfer Family service. This involves specifying the transfer protocol (SFTP, FTPS, FTP, or AS2), security settings, and authentication methods. Then, we define user accounts and access permissions, determining which users can access the server endpoint and what actions they can perform (e.g., upload, download, delete files). We also choose our preferred storage destination within AWS, either an S3 bucket for object storage or an Amazon EFS file system for a managed file system.

  2. File transfer: Depending on the chosen protocol, users initiate file transfers using standard SFTP clients (WinSCP, FileZilla) or custom scripts. The Transfer Family service authenticates users based on the configured methods (Active Directory, LDAP, or internal credentials). Data transfer occurs securely using the chosen protocol (SFTP and FTPS encrypt data and commands; AS2 adds digital signatures and message receipts).

  3. Data storage and processing (optional): Transferred files are automatically saved to the designated S3 bucket or EFS file system within AWS storage. We can leverage other AWS services for further processing or analysis. For example, we could use AWS Lambda functions triggered by file uploads to perform data validation, encryption, or virus scanning tasks.

  4. Monitoring and management: The Transfer Family service provides logs and metrics for monitoring file transfer activity. Amazon CloudWatch can track upload/download volume, user access attempts, and potential errors.
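The post-upload validation mentioned in step 3, written as a Lambda handler for S3 ObjectCreated notifications. This is an added example, not code from the original page or from AWS; the upload prefix, extension allowlist, size limit, bucket name and sample event are assumptions constructed for illustration.

```python
from urllib.parse import unquote_plus

# Assumed validation rules for the example (not from the original page).
UPLOAD_PREFIX = "incoming/"
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".webp"}
MAX_BYTES = 50 * 1024 * 1024

def check_object(key, size):
    """Return the reasons an uploaded object fails validation (empty = pass)."""
    problems = []
    if not key.startswith(UPLOAD_PREFIX):
        problems.append("outside upload prefix")
    name = key.rsplit("/", 1)[-1]
    dot = name.rfind(".")
    # Only the final extension counts, so "photo.jpg.exe" is judged as ".exe".
    ext = name[dot:].lower() if dot > 0 else ""
    if ext not in ALLOWED_EXTENSIONS:
        problems.append("extension not allowed")
    if size == 0:
        problems.append("empty file")
    elif size > MAX_BYTES:
        problems.append("exceeds size limit")
    return problems

def handler(event, context=None):
    """Lambda entry point: validate every object in an S3 event notification."""
    results = []
    for record in event.get("Records", []):
        bucket = record["s3"]["bucket"]["name"]
        obj = record["s3"]["object"]
        # S3 URL-encodes keys in notifications; a space arrives as "+".
        key = unquote_plus(obj["key"])
        problems = check_object(key, obj.get("size", 0))
        results.append({"bucket": bucket, "key": key,
                        "ok": not problems, "problems": problems})
    return results

def make_record(key, size):
    """Build a constructed S3 notification record with only the fields used here."""
    return {"s3": {"bucket": {"name": "example-product-images"},
                   "object": {"key": key, "size": size}}}

# Constructed sample event.
SAMPLE_EVENT = {"Records": [
    make_record("incoming/shoe+front.JPG", 204800),
    make_record("incoming/photo.jpg.exe", 4096),
    make_record("incoming/banner.png", 60 * 1024 * 1024),
    make_record("site/logo.png", 1024),
]}
```

These checks use only the metadata carried in the event; content checks such as virus scanning require the function to read the object itself.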

AWS Transfer Family use case

Let’s assume we want to securely transfer large product image files from our on-premises servers to AWS for faster website loading times. We can use the AWS Transfer Family to set up an SFTP server endpoint with user access for authorized personnel. Photographers can then use their familiar SFTP clients to upload product images to the designated S3 bucket. The transferred images are stored securely in S3, readily accessible for website content management, while the Transfer Family service manages user authentication, encryption, and monitoring of the entire file transfer process.
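For the photographers in this use case, the access permissions from the setup step can be limited to uploads into a single folder. The following added example (not from the original page or from AWS) builds such an IAM policy and checks what it grants; the bucket name, folder prefix and the simplified `allows` evaluator are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Setup-step permissions (upload, download, delete) mapped to S3 actions.
ACTION_MAP = {
    "upload": "s3:PutObject",
    "download": "s3:GetObject",
    "delete": "s3:DeleteObject",
}

def build_user_policy(bucket, home_prefix, allowed):
    """IAM policy confining one Transfer Family user to bucket/home_prefix."""
    if not allowed or set(allowed) - set(ACTION_MAP):
        raise ValueError("allowed must be a non-empty subset of ACTION_MAP")
    prefix = home_prefix.strip("/")
    if not prefix or ".." in prefix.split("/") or "*" in prefix:
        raise ValueError("home_prefix must be a plain, non-empty path")
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # The user can list only their own folder.
                "Effect": "Allow",
                "Action": ["s3:ListBucket"],
                "Resource": [f"arn:aws:s3:::{bucket}"],
                "Condition": {"StringLike": {"s3:prefix": [prefix, f"{prefix}/*"]}},
            },
            {   # Object access only for the granted actions, only under the prefix.
                "Effect": "Allow",
                "Action": sorted(ACTION_MAP[a] for a in allowed),
                "Resource": [f"arn:aws:s3:::{bucket}/{prefix}/*"],
            },
        ],
    }

def allows(policy, action, resource):
    """Simplified check: does any Allow statement cover action on resource?
    Ignores Condition blocks and explicit Deny, which the object statement
    built above does not use."""
    for stmt in policy["Statement"]:
        if (stmt["Effect"] == "Allow" and action in stmt["Action"]
                and any(fnmatchcase(resource, r) for r in stmt["Resource"])):
            return True
    return False

# Constructed values for the product-image use case: upload only.
POLICY = build_user_policy("example-product-images",
                           "incoming/photographers", ["upload"])
```
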

Benefits

The AWS Transfer Family offers several benefits that make it an attractive solution for managing file transfers to and from the AWS cloud:

  • Scalability: We don’t have to worry about managing infrastructure or provisioning additional resources as data transfer needs fluctuate. Built-in autoscaling ensures the service adapts to workload demands.

  • Flexible user authentication: It supports various user authentication methods, allowing us to integrate with existing systems like Active Directory or LDAP or manage credentials directly within the service. This simplifies access control and ensures that users have the right permissions.

  • Seamless data integration: The Transfer Family enables further processing and analysis by storing transferred files natively in Amazon S3 or Amazon EFS. We can leverage other AWS services like S3 for data storage and access or use services like Amazon Translate or Comprehend to extract insights from the transferred data.

  • Easy to use: The intuitive interface and API make setting up file transfer endpoints and user access simple. Users can continue using their existing SFTP clients without changing their workflow.

  • Familiar AWS management: The Transfer Family integrates seamlessly with other AWS services we might already use. We can leverage IAM for access control, CloudWatch for monitoring, KMS for encryption, and CloudTrail for auditing—all within the familiar AWS management experience.

  • Fully managed service: The Transfer Family eliminates the need to manage the file transfer infrastructure. It scales automatically, handles security, and integrates with other AWS services, saving time and resources.

  • Cost-effective: With a pay-as-you-go pricing model, we only pay for the resources we use, making it a cost-effective solution for businesses of all sizes.
