Use S3 as SFTP Server

This article explains how to use an S3 bucket as an SFTP server.

Step 1 β€” Create SFTP Server

Open the AWS Transfer service at, select your region & click the orange “Create Server” button.

Select SFTP:

Select Service Managed:

Select Publicly Accessible:

Click Next on the next 2 steps.

Step 2 β€” Create IAM Role

Select Transfer as the trusted entity:

Attach S3 full access policy:

Finish creating the role.

Step 3 β€” Create Public Key

Run ssh-keygen at your terminal:

> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/harishkm/.ssh/id_rsa): ./id_rsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in ./id_rsa.
Your public key has been saved in ./
The key fingerprint is:
SHA256:VropNdOkjH4Cvp5GzHMuP+jGfh/lUBmUJlIwssTFpAo harishkm@mac.local
The key's randomart image is:
+---[RSA 3072]----+
|   .o+=o..o.     |
|   ..+o.. oo     |
|E   o  . o=      |
| . .   o B       |
|  .o. . S o      |
|   .=o.o O       |
|   o.=+ = .      |
|    *o++ .       |
|   **+.o.        |

Copy the contents of

Step 4 β€” Create SFTP User

Open the SFTP server, scroll down to the Users section & click Add User:

Provide username, select IAM role & S3 bucket, & paste the contents of as the public key:

Step 5 β€” Test Connection

Copy the SFTP server endpoint & provide it to FileZilla along with the username & the private key:

You can now upload files to your SFTP server!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.