We’ve just launched SFTP Gateway, a secure, pre-configured, reliable way to push files via SFTP to S3.
We are excited to announce the launch of our new product, SFTP Gateway, now available on the Amazon Web Services Marketplace!
SFTP Gateway is a secure, pre-configured SFTP server that automatically saves uploaded files to an Amazon S3 bucket.
SFTP Gateway uses a different approach than other S3-based file system products, making it more reliable for production systems. Rather than using a permanent mount or virtual file system, it monitors file descriptors as new files are written to SFTP directories. Once the file transfer is finished and the file descriptor is closed, it pushes the entire file to an S3 bucket.
SFTP Gateway is simple, lightweight, and reliable.
When coupled with S3 events and AWS Lambda, SFTP Gateway is the ideal entry point for automated integration between your AWS application and external or third-party systems. It also complies with corporate security policies that require key-based SFTP file transfers.
Who would find SFTP Gateway useful?
SFTP Gateway is ideal for a solution architect or development lead who is designing an Amazon Web Services application or migrating an existing application to AWS and requires file-based interfaces to external or third-party systems.
We’ve performed a large number of cloud migrations, and many of our enterprise clients have very strict corporate security policies around data privacy and protection. Many require that all files transferred into or out of their networks must be encrypted during transit and at rest. Often, the only approved method of file transfer is SSH File Transfer Protocol (SFTP) using public key-based authentication.
Additionally, many of the applications we’ve deployed to AWS are automated using Lambda and S3 events, which helps minimize server administration and costs. Because many corporate IT standard operating procedures require the use of SFTP, this automated process in the cloud would not be feasible.
Also, in many cases, several different groups or departments within a large organization need to transfer files to the same location. Coordinating this activity across an enterprise could be a significant roadblock in migrating an application to AWS.
We developed SFTP Gateway to address these very concerns. This product has allowed us to migrate several enterprise software applications to Amazon Web Services, while maintaining existing application interfaces that rely on SFTP file transfer.
SFTP Gateway provides a pre-configured OpenSSH-based SFTP interface for your AWS application. SFTP Gateway can sit outside your application subnet or on a different virtual private cloud (VPC) altogether. The moment file uploads to the server are complete, they are instantly transferred to a pre-configured, encrypted S3 bucket. Your application can then be notified of the file’s availability via S3 events, or automated processing can begin with AWS Lambdas.
The product is completely self configuring and requires minimal administration or maintenance. Existing knowledge of configuring or securing an SFTP server is not required.
SFTP Gateway is designed to simplify file-based interfaces for your AWS application.
Product features and highlights include:
- Simplified SFTP server deployment. Deploy an SFTP Gateway instance with a few clicks from the AWS Marketplace as a single AMI or using the CloudFormation template (coming soon).
- Self-configuring. SFTP Gateway is self-configuring with appropriate security settings. Required AWS resources including S3 buckets, IAM Roles, and Security Groups are created automatically.
- Reliable. SFTP Gateway is simple and lightweight. It does not require a virtual file system mount or permanent connection to S3 like other popular S3 file system products, making it more reliable for production environments. Files are transferred to S3 in their entirety the moment they are finished uploading to the SFTP server. MD5 checksum validation support is built in to verify the file’s integrity before uploading to S3 (coming soon).
- Minimal administration. SFTP Gateway comes with command line scripts to easily create or delete new SFTP users. Simply connect to SFTP Gateway instance via SSH as the ec2-user (just like any other EC2 instance), and run the command “sudo addsftpuser username” or “sudo deletesftpuser username” to add or delete a user. Secured SFTP user directories and SSH key pairs are automatically generated and sent to the email address provided for each user.
- Minimal maintenance. Files are only stored on SFTP Gateway momentarily before they are transferred to S3. Users are encouraged to install periodic OS-level security updates (“sudo yum update”), but SFTP Gateway is otherwise virtually maintenance-free.
To learn more about SFTP Gateway, check out the product’s page on the Amazon Web Services Marketplace.
Be sure to check back here often for links to video tutorials on setting up and using SFTP Gateway.
Feel free to email us at firstname.lastname@example.org if you have questions or need assistance migrating your application to Amazon Web Services.
Please let us know what you think about the product! We’d love to hear from you.