Using Amazon Cognito as an identity provider with AWS Transfer Family and Amazon S3

Storage Blog



This article provides a detailed walkthrough on how to set up and configure an SFTP server using AWS Transfer Family, with Amazon Cognito as a custom identity provider and Amazon DynamoDB to store user entitlements. It enables fine-grained access control by dynamically generating session policies and logical directory mappings based on user entitlements.

Specifically, the article covers:

  • Solution overview
  • Prerequisites
  • Walkthrough steps:
    • Deploying resources using AWS CloudFormation
    • Creating an AWS Transfer Family SFTP server
    • Setting up the custom identity provider (Amazon Cognito and Lambda)
    • Testing the SFTP server with different user entitlements
  • Cleaning up resources

The article concludes by highlighting the benefits of using AWS Transfer Family for secure and scalable file transfer solutions, and provides links to relevant documentation and resources.


