Use S3 as SFTP Server

This article explains how to use an S3 bucket as an SFTP server.

Step 1 — Create SFTP Server

Open the AWS Transfer service at console.aws.amazon.com/transfer, select your region & click the orange “Create Server” button.

Select SFTP:

Select Service Managed:

Select Publicly Accessible:

Click Next on the next 2 steps.

Step 2 — Create IAM Role

Select Transfer as the trusted entity:

Attach S3 full access policy:

Finish creating the role.
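The role from Step 2 only has to reach the bucket the SFTP user is mapped to. As an added example (not part of the original article), the Python below builds the Transfer trust policy and a bucket-scoped permissions policy, and flags wildcard S3 grants such as full access. The bucket name example-sftp-bucket, the function names and the FULL_ACCESS document (a constructed stand-in for a full-access grant) are assumptions.

```python
import json

TRUST_POLICY = {  # lets the Transfer service assume the role (the "trusted entity")
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "transfer.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }],
}

# Constructed stand-in for a full-access grant: every S3 action on every bucket.
FULL_ACCESS = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}

def scoped_policy(bucket):
    """Permissions for SFTP list/get/put/delete limited to one bucket."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ListBucket", "Effect": "Allow",
             "Action": ["s3:ListBucket", "s3:GetBucketLocation"],
             "Resource": arn},
            {"Sid": "ObjectAccess", "Effect": "Allow",
             "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
             "Resource": f"{arn}/*"},
        ],
    }

def _as_list(value):
    # IAM allows a single string or a list for Action/Resource/Statement.
    return value if isinstance(value, list) else [value]

def overbroad_statements(policy):
    """Return (index, reason) for Allow statements with wildcard S3 grants."""
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        if any(a in ("*", "s3:*") for a in _as_list(stmt.get("Action", []))):
            findings.append((i, "wildcard action"))
        if any(r in ("*", "arn:aws:s3:::*") for r in _as_list(stmt.get("Resource", []))):
            findings.append((i, "wildcard resource"))
    return findings

if __name__ == "__main__":
    print(json.dumps(scoped_policy("example-sftp-bucket"), indent=2))
    print(overbroad_statements(FULL_ACCESS))
```

The JSON printed for the scoped policy can be pasted into the IAM policy editor and attached to the role in place of the full access policy.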

Step 3 — Create Public Key

Run ssh-keygen in your terminal:

> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/harishkm/.ssh/id_rsa): ./id_rsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in ./id_rsa.
Your public key has been saved in ./id_rsa.pub.
The key fingerprint is:
SHA256:VropNdOkjH4Cvp5GzHMuP+jGfh/lUBmUJlIwssTFpAo harishkm@mac.local
The key's randomart image is:
+---[RSA 3072]----+
|   .o+=o..o.     |
|   ..+o.. oo     |
|E   o  . o=      |
| . .   o B       |
|  .o. . S o      |
|   .=o.o O       |
|   o.=+ = .      |
|    *o++ .       |
|   **+.o.        |
+----[SHA256]-----+

Copy the contents of id_rsa.pub.

Step 4 — Create SFTP User

Open the SFTP server, scroll down to the Users section & click Add User:

Provide a username, select the IAM role & S3 bucket, & paste the contents of id_rsa.pub as the public key:

Step 5 — Test Connection

Copy the SFTP server endpoint & provide it to FileZilla along with the username & the private key:

You can now upload files to your SFTP server!