AWS Transfer Family adds support for additional IAM condition keys

AWS Transfer Family now supports four new service-specific condition keys for Identity and Access Management (IAM). With this feature, administrators can create more granular IAM policies and service control policies (SCPs) to restrict configurations for Transfer Family resources, enhancing security controls and compliance management. 

IAM condition keys allow you to author policies that enforce access control based on API request context. With these new condition keys, you can now author policies based on Transfer Family context to control which protocols, endpoint types, and storage domains can be configured through policy conditions. For example, you can use transfer:RequestServerEndpointType to prevent the creation of public servers, or transfer:RequestServerProtocols to ensure only SFTP servers can be created, enabling you to define additional permission guardrails for Transfer Family actions. 

The new IAM condition keys are available in all AWS Regions where AWS Transfer Family is available. To learn more, visit the IAM Service Authorization Reference and Transfer Family User Guide. To learn more about how to manage permissions within your organization through SCPs, visit the AWS Organizations User Guide.

Categories: general:products/aws-transfer-for-sftp,marketing:marchitecture/migration,general:products/aws-transfer-family,general:products/aws-govcloud-us

Source: Amazon Web Services

Latest Posts