AWS Transfer Family provides six security tips: use the latest security policy, properly scope session policies and logical directory mappings, avoid placing Network Load Balancers in front, use AWS WAF to protect custom identity providers, enforce TLS session resumption for FTPS transfers, and consider applying scope down policies to limit access.

<div>
<p>This article provides six tips to improve the security of your AWS Transfer Family server:</p>
<p>Specifically, the article covers:</p>
<ul>
<li>Using the latest security policy to protect against vulnerabilities</li>
<li>Using slashes in session policies to limit S3 bucket access</li>
<li>Using scope down policies to restrict logical directory mappings</li>
<li>Not placing Network Load Balancers in front of Transfer Family servers</li>
<li>Protecting API Gateway instances with Web Application Firewall</li>
<li>Using TLS session resumption for FTPS clients</li>
</ul>
</div>


Six tips to improve the security of your AWS Transfer Family server

Related articles

Related articles

Dec 11
2024
Demystifying AWS Data Transfer services to build secure and reliable applications

Jan 4
2024
Implement multi-factor authentication based managed file transfer using AWS Transfer Family and AWS Secrets Manager

Mar 4
2025
AWS Transfer Family announces reduced login latency for SFTP servers

Mar 22
2024
Implementing least privilege access in an AWS Transfer Family workflow