Setting Up S3 Bucket for SFTP Access Using AWS Console

By Łukasz Kallas

Managing file transfers in the cloud can be simplified with AWS Transfer Family, which provides secure SFTP access to S3 buckets. In this tutorial, we'll go through the process of creating an S3 bucket and configuring SFTP using a public key for secure access.

Prerequisites

  • AWS account
  • S3 permissions to create a bucket
  • IAM permissions to manage SFTP

Step-by-Step Guide

Step 1: Create the S3 Bucket

  1. Log in to the AWS Management Console.
  2. Go to the S3 Dashboard by searching for "S3" in the Services menu.
  3. Click Create bucket.
    • Enter a Bucket name (e.g., my-sftp-bucket).
    • Choose the AWS Region where the bucket should reside.
    • For the sake of this tutorial, keep the default settings and click Create bucket.
  4. Your S3 bucket is now created.

Step 2: Set Up AWS Transfer Family for SFTP

  1. Go to the AWS Console and search for Transfer Family.
  2. Click Create server to set up an SFTP server.
    • Choose SFTP as the protocol.
    • For Identity provider, select Service managed.
    • Click Next and continue with default settings.
  3. Click Create server. The server creation process may take a few minutes.

Step 3: Configure User with SFTP Access

  1. Once the server is created, go to the Users tab and click Create user.
  2. Enter the Username for SFTP access.
  3. For S3 bucket, select the previously created S3 bucket.
    • Specify the Home directory (optional) within the bucket.
  4. Add Public Key:
    • In the SSH public keys section, paste the public key of the user who needs access. The public key should look like this:

      ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArw/JLrLVx7k1bq.... user@domain.com

  5. Click Create user to complete the setup.
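
Before pasting a key in step 4, it helps to confirm that the line is a complete, well-formed public key and not a truncated paste or a private key. The check below is an added example, not part of the original tutorial; the function names and the 2048-bit RSA floor are assumptions, and the sample key is constructed with a dummy modulus.

```python
import base64
import struct

def _read_field(blob, offset):
    """Read one length-prefixed field of the SSH wire format; return (bytes, next offset)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

# min_rsa_bits=2048 is an assumed policy floor, not a value taken from the tutorial.
def check_public_key(line, min_rsa_bits=2048):
    """Return (key_type, rsa_bits_or_None); raise ValueError if the line is unusable."""
    if "PRIVATE KEY" in line:
        raise ValueError("this is a private key; paste only the .pub line")
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError as exc:
        raise ValueError("key body is not valid base64 (truncated paste?)") from exc
    inner_type, off = _read_field(blob, 0)
    if inner_type.decode("ascii", "replace") != key_type:
        raise ValueError("type prefix does not match the encoded key")
    if key_type != "ssh-rsa":
        return key_type, None
    _exponent, off = _read_field(blob, off)
    modulus, off = _read_field(blob, off)
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits < min_rsa_bits:
        raise ValueError(f"RSA modulus is only {bits} bits")
    return key_type, bits

def _field(data):
    return struct.pack(">I", len(data)) + data

def make_sample_rsa_line(bits):
    """Constructed sample: well-formed ssh-rsa blob with a dummy modulus (not a usable key)."""
    n = (1 << (bits - 1)) | 1
    # mpint encoding: a leading zero byte keeps the value positive
    blob = _field(b"ssh-rsa") + _field(b"\x01\x00\x01") + _field(b"\x00" + n.to_bytes(bits // 8, "big"))
    return "ssh-rsa " + base64.b64encode(blob).decode() + " user@domain.com"
```

The elided sample line shown in step 4 fails this check at the base64 stage, which is the same symptom a partially copied key produces.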

Step 4: Start the SFTP Server

  1. Go back to the Servers tab.
  2. Copy the Endpoint URL provided by AWS. This will be used to connect via SFTP.

Step 5: Connect via SFTP

To connect to the S3 bucket using SFTP:

  1. Use an SFTP client.
  2. Set the Host to the Endpoint URL from AWS Transfer Family.
  3. Use the configured Username.
  4. The SFTP client authenticates with the private key that matches the public key added in Step 3.
