Q: What is AWS Transfer Family?

A: The AWS Transfer Family is the aggregated name of AWS Transfer for SFTP, AWS Transfer for FTPS, and AWS Transfer for FTP. The AWS Transfer Family offers fully managed support for the transfer of files over SFTP, FTPS, and FTP directly into and out of Amazon S3. You can seamlessly migrate your file transfer workflows by maintaining existing client-side configurations for authentication, access, and firewalls — so nothing changes for your customers, partners, and internal teams, or their applications.

Q: What is SFTP?

A: SFTP stands for Secure Shell (SSH) File Transfer Protocol, a network protocol used for secure transfer of data over the internet. The protocol supports the full security and authentication functionality of SSH, and is widely used to exchange data between business partners in a variety of industries including financial services, healthcare, media and entertainment, retail, advertising, and more.

Q: What is FTP?

A: FTP stands for File Transfer Protocol, a network protocol used for the transfer of data. FTP uses a separate channel for control and data transfers. The control channel is open until terminated or inactivity timeout, the data channel is active for the duration of the transfer. FTP uses cleartext and does not support encryption of traffic.

Q: What is FTPS?

A: FTPS stands for File Transfer Protocol over SSL, and is an extension to FTP. It uses Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols to encrypt traffic. FTPS allows encryption of both the control and data channel connections either concurrently or independently.

Q: Why should I use the AWS Transfer Family?

A: Today, if you are using file transfer protocols such as SFTP, FTPS or FTP to exchange data with third parties such as vendors, business partners, or customers, and want to manage that data in AWS for processing, analytics, and archival, you have to host and manage your own file transfer service. This requires you to invest in operating and managing infrastructure, patching servers, monitoring for uptime and availability, and building one-off mechanisms to provision users and audit their activity. The AWS Transfer Family solves these challenges by providing fully managed support for SFTP, FTPS, and FTP that can reduce your operational burden, while preserving your existing transfer workflows for your end users. The service stores transferred files as objects in your Amazon S3 bucket, so you can extract value from them in your data lake, or for your Customer Relationship Management (CRM) or Enterprise Resource Planning (ERP) workflows, or for archiving in AWS.

Q: What are the benefits of using the AWS Transfer Family?

A: The AWS Transfer Family provides you with a fully managed, highly available file transfer service with auto-scaling capabilities, eliminating the need for you to manage file transfer related infrastructure. Your end users’ workflows remain unchanged, while data uploaded and downloaded over the chosen protocols is stored in your Amazon S3 bucket. With the data in Amazon S3, you can now easily use it with the broad array of AWS services for data processing, analytics, machine learning, and archival, in an environment that can meet your compliance requirements.

Q: How do I use the AWS Transfer Family?

A: In 3 simple steps, you get an always-on server endpoint enabled for SFTP, FTPS, and/or FTP. First, you select the protocol(s) you want to enable your end users to connect to your endpoint. Next, you set up your users by integrating an existing identity provider like Microsoft Active Directory or LDAP for authentication (“BYO” authentication). Finally, you assign IAM Roles to provide access to your S3 buckets. Once the protocol(s), identity provider, and S3 bucket access policies are enabled, your users can continue to use their existing clients and configurations, while the data accessed is stored in your S3 bucket.

Q: What is the difference between SFTP and FTPS? Which should I use when?

A: FTPS and SFTP can both be used for secure transfers. Since they are different protocols, they use different clients and technologies to offer a secure tunnel for transmission of commands and data. SFTP is a newer protocol and uses a single channel for commands and data, requiring fewer port openings than FTPS.

Q: Can my users use SCP, HTTPS or AS2, to transfer files using this service?

A: No, your users will need to use SFTP, FTPS, or FTP to transfer files. Most file transfer clients offer either of these protocols as an option that will need to be selected during authentication.

Q: Can my users continue to use their existing file transfer clients and applications?

A: Yes, any existing file transfer client application will continue to work as long as you have enabled your endpoint for the chosen protocols. Examples of commonly used clients include WinSCP, FileZilla, CyberDuck, lftp, and OpenSSH clients.

Q: Can I use CloudFormation to automate deployment of my servers and users?

A: Yes, you can deploy CloudFormation templates to automate creation of your servers and users or for integrating an identity provider. Refer to the usage guide for using AWS Transfer resources in CloudFormation templates.

