Transferring files using a client - AWS Transfer Family
Use OpenSSHUse WinSCPUse CyberduckUse FileZillaUse a Perl clientPost upload processing

Transferring files using a client

You transfer files over the AWS Transfer Family service by specifying the transfer operation in a client. AWS Transfer Family supports the following clients:

  • OpenSSH (Macintosh and Linux)

    Note

    This client works only with an SFTP-enabled server.

  • WinSCP (Microsoft Windows only)

  • Cyberduck (Windows, Macintosh, and Linux)

  • FileZilla (Windows, Macintosh, and Linux)

The following limitations apply to every client:

  • For FTPS, only Explicit mode is supported. Implicit mode is not supported.

  • For FTP and FTPS, only Passive mode is supported.

  • For FTP and FTPS, only STREAM mode is supported.

  • For FTP and FTPS, only Image/Binary mode is supported.

  • For FTP and FTPS, TLS - PROT C (unprotected) TLS for the data connection is the default.

The following is a list of available commands for FTP and FTPS:

Available commands

ABOR

FEAT

MLST

PASS

RETR

STOR

AUTH

LANG

MKD

PASV

RMD

STOU

CDUP

LIST

MODE

PBSZ

RNFR

STRU

CWD

MDTM

NLST

PROT

RNTO

SYST

DELE

MFMT

NOOP

PWD

SIZE

TYPE

EPSV

MLSD

OPTS

QUIT

STAT

USER
Note

APPE is not supported.

For SFTP, the following operations are currently not supported for users using logical home directory on servers that are using Amazon Elastic File System.

Unsupported SFTP commands

SSH_FXP_READLINK

SSH_FXP_SYMLINK

SSH_FXP_STAT when the requested file is a symlink

SSH_FXP_REALPATH when the requested path contains any symlink components

Following, you can find how to transfer files with each client.

Use OpenSSH

Use the instructions that follow to transfer files from the command line using OpenSSH.

Note

This client works only with an SFTP-enabled server.

To transfer files over AWS Transfer Family using the OpenSSH command line utility

  1. On Linux or Macintosh, open a command terminal.

  2. At the prompt, enter the following command: % sftp -i transfer-key sftp_user@service_endpoint

    In the preceding command, sftp_user is the user name and transfer-key is the SSH private key. Here, service_endpoint is the server's endpoint as shown in the AWS Transfer Family console for the selected server.

    An sftp prompt should appear.

  3. At the sftp prompt, enter the following command: sftp> pwd

  4. On the next line, enter the following text: sftp> cd /mybucket/home/sftp_user

    In this getting-started exercise, this Amazon S3 bucket is the target of the file transfer.

  5. On the next line, enter the following command: sftp> put filename.txt

    The put command transfers the file into the Amazon S3 bucket.

    A message like the following appears, indicating that the file transfer is in progress, or complete.

    Uploading filename.txt to /my-bucket/home/sftp_user/filename.txt

    some-file.txt 100% 127 0.1KB/s 00:00

Note

It can take a few minutes after your server is created for the server endpoint hostname to be resolvable by the DNS service in your environment.

Use WinSCP

Use the instructions that follow to transfer files from the command line using WinSCP.

To transfer files over AWS Transfer Family using WinSCP

  1. Open the WinSCP client.

  2. In the Login dialog box, for File protocol, choose a protocol: SFTP or FTP.

    If FTP is chosen, for Encryption, choose one of the following:

    • No encryption for FTP

    • TLS/SSL Explicit encryption for FTPS

  3. For Host name, enter your server endpoint. The server endpoint is located on the Server details page, see View server details.

  4. For Port number, enter the following:

    • 22 for SFTP

    • 21 for FTP/FTPS

  5. For User name, enter the name for the user that you created in Creating users.

  6. Choose Advanced to open the Advanced Site Settings dialog box. In the SSH section, choose Authentication.

  7. For Private key file, browse for and choose the SSH private key file from your file system.

    Note

    If WinSCP offers to convert your SSH private key to the PPK format, choose OK.

  8. Choose OK to return to the Login dialog box, and then choose Save.

  9. In the Save session as site dialog box, choose OK to complete your connection setup.

  10. In the Login dialog box, choose Tools and then choose Preferences.

  11. In the Preferences dialog box, for Transfer, choose Endurance.

    Choose Disable for the Enable transfer resume/transfer to temporary filename for option.

    Note

    If you leave this option enabled, it increases upload costs, substantially decreasing upload performance. It also can lead to failures of large file uploads.

  12. For Transfer, choose Background, clear the Use multiple connections for single transfer check box.

    Note

    If you leave it selected, this approach can cause large file uploads to fail in unpredictable ways. An example includes creating orphaned multipart uploads that incur Amazon S3 charges. Silent data corruption can also occur.

  13. Perform your file transfer.

    You can use drag-and-drop methods to copy files between the target and source windows. You can use toolbar icons to upload, download, delete, edit, or modify the properties of files in WinSCP.

Note

Because Amazon S3 manages object timestamps, be sure to disable WinSCP timestamp settings before you perform file transfers. To do so, in the WinSCP Transfer settings dialog box, disable the Set permissions upload option and the Preserve timestamp common option.

Use Cyberduck

Use the instructions that follow to transfer files from the command line using Cyberduck.

To transfer files over AWS Transfer Family using Cyberduck

  1. Open the Cyberduck client.

  2. Choose Open Connection.

  3. In the Open Connection dialog box, choose a protocol: SFTP (SSH File Transfer Protocol), FTP-SSL (Explicit AUTH TLS), or FTP (File Transfer Protocol).

  4. For Server, enter your server endpoint. The server endpoint is located on the Server details page, see View server details.

  5. For Port number, enter the following:

    • 22 for SFTP

    • 21 for FTP/FTPS

  6. For Username, enter the name for the user that you created in Creating users.

  7. If SFTP is selected, for SSH Private Key, choose or enter the SSH private key.

  8. Choose Connect.

  9. Perform your file transfer.

    Depending on where your files are, do one of the following:

    • In your local directory (the source), choose the files that you want to transfer, and drag and drop them into the Amazon S3 directory (the target).

    • In the Amazon S3 directory (the source), choose the files that you want to transfer, and drag and drop them into your local directory (the target).

Use FileZilla

Use the instructions that follow to transfer files from the command line using FileZilla.

To set up FileZilla for a file transfer

  1. Open the FileZilla client.

  2. Choose File, and then choose Site Manager.

  3. In the Site Manager dialog box, choose New site.

  4. On the General tab, for Protocol, choose a protocol: SFTP or FTP.

    If FTP is chosen, for Encryption choose one of the following:

    • Only use plain FTP (insecure) – for FTP

    • Use explicit FTP over TLS if available– for FTPS

  5. For Host name, enter your server endpoint. The server endpoint is located on the Server details page, see View server details.

  6. For Port number, enter the following:

    • 22 for SFTP

    • 21 for FTP/FTPS

  7. If SFTP is selected, for Logon Type, choose Key file.

    For Key file, choose or enter the SSH private key.

  8. For User, enter the name for the user that you created in Creating users.

  9. Choose Connect.

  10. Perform your file transfer.

    Note

    If you interrupt a file transfer in progress, AWS Transfer Family might write a partial object in your Amazon S3 bucket. If you interrupt an upload, check that the file size in the Amazon S3 bucket matches the file size of the source object before continuing.

Use a Perl client

If you use the NET::SFTP::Foreign perl client, you must set the queue_size to 1. For example:

my $sftp = Net::SFTP::Foreign->new('user@s-12345.server.transfer.us-east-2.amazonaws.com', queue_size => 1);

Post upload processing

You can view post upload processing information including Amazon S3 object metadata and event notifications.

Amazon S3 object metadata

As a part of your object's metadata you will see a key called x-amz-meta-user-agent whose value is AWSTransfer and x-amz-meta-user-agent-id whose value is username@server-id. The username is the Transfer Family user who uploaded the file and server-id is the server used for the upload. This information can be accessed using the HeadObject operation on the S3 object inside your Lambda function.

Amazon S3 event notifications

When an object is uploaded to your S3 bucket using Transfer Family, RoleSessionName is contained in principalId in the S3 event notification structure as [AWS:Role Unique Identifier]:username.sessionid@server-id.

For more information about configuring S3 event notifications, see Configuring Amazon S3 event notifications in the Amazon Simple Storage Service Developer Guide. For more information about AWS Identity and Access Management (IAM) role unique identifiers, see Unique identifiers in the AWS Identity and Access Management User Guide.