AWS Transfer for SFTP
User Guide

Configuring Your Server

When you create a new SFTP server, you can optionally assign a custom hostname, and also enable Amazon S3 event logging using Amazon CloudWatch. You can also change an SFTP server's DNS or logging configuration later from the console.


You can't change a server's identity provider type after you create the server. To change the identity provider, delete the server and create a new one with the identity provider that you want.

To edit an SFTP server's configuration

  1. Open the AWS SFTP console (, and choose Servers in the navigation pane.

  2. On the Servers page, choose the SFTP server whose configuration you want to edit by choosing the check box next to its name.

  3. Choose Edit to open the Edit Configuration page shown following.

  4. (Optional) For Custom hostname, choose from None, Amazon Route 53 alias, or Other DNS provider.

    If you want to use a custom host name that you have registered, choose either Amazon Route 53 alias, or Other DNS provider. Doing so specifies the name resolution method to associate with your SFTP server's endpoint. An example of a custom domain is

    A custom host name uses a DNS name that you provide and a DNS service can resolve. You can use Route 53 as your DNS resolver, or use your own DNS service provider. To learn how AWS SFTP uses Route 53 so that traffic from your custom domain is routed to the SFTP endpoint, see Working with Custom Host Names. Amazon Route 53 is the DNS service that AWS SFTP natively supports. For more information, see What Is Amazon Route 53? in the Amazon Route 53 Developer Guide.

  5. (Optional) For Logging role, choose an AWS Identity and Access Management (IAM) role that enables CloudWatch logging of your SFTP user activity.

    For more information about setting up a logging role, see Monitoring Usage.

  6. Choose Save to save your configuration.