Manage SFTP connectors - Amazon Transfer Family
Update SFTP connectorsView SFTP connector detailsQuotas for SFTP connectors
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Manage SFTP connectors

This topic describes how to view and update SFTP connectors, and lists quotas that are relevant for SFTP connectors.

Note

Each connector is automatically assigned static IP addresses that remain unchanged over the lifetime of the connector. This allows you to connect with remote SFTP servers that only accept inbound connections from known IP addresses. Your connectors are assigned a set of static IP addresses that are shared by all connectors using the same protocol (SFTP or AS2) in your Amazon Web Services account.

Update SFTP connectors

To change the existing parameter values for your connectors, you can run the update-connector command. The following command updates the secret for the connector connector-id, in the Region region-id to secret-ARN. To use this example command, replace the user input placeholders with your own information.

aws transfer update-connector --sftp-config '{"UserSecretId":"secret-ARN"}' \
   --connector-id connector-id --region region-id

View SFTP connector details

You can find a list of details and properties for an SFTP connector in the Amazon Transfer Family console.

To view connector details

  1. Open the Amazon Transfer Family console at https://console.amazonaws.cn/transfer/.

  2. In the left navigation pane, choose Connectors.

  3. Choose the identifier in the Connector ID column to see the details page for the selected connector.

You can change the properties for the SFTP connector by choosing Edit on the connector details page.

The connector details page in the Transfer Family console, showing the URL, access role, and logging role for the selected connector.
Note

You can get much of this information, albeit in a different format, by running the following Amazon Command Line Interface (Amazon CLI) command. To use this example command, replace the user input placeholders with your own information. 

aws transfer describe-connector --connector-id your-connector-id

For more information, see DescribeConnector in the API reference.

Quotas for SFTP connectors

The following quotas are in place for SFTP connectors. The quotas for AS2 connectors are described in AS2 quotas and limitations. To request an increase for a quota that's adjustable, see Amazon Web Service quotas in the Amazon Web Services General Reference.

SFTP connector quotas
Name Default Adjustable
Maximum test connection transactions per second (TPS) 1 request per second, per account No
Maximum StartFileTransfer TPS 3 requests per second, per account Yes
Maximum queue size for pending file transfers 1000 No
Maximum file size 50 gibibytes (GiB) No
Maximum transfer time per file 6 hours No
Maximum request wait time per file 6 hours No
Minimum AccessRole or LoggingRole session duration 60 minutes No
Maximum concurrent file transfers 1 concurrent file transfer per connector No
Maximum number of file transfer requests per second per account 3 Yes
Maximum number of connectors per account (both SFTP and AS2 connectors contribute to this count) 100 Yes
Maximum bandwidth for connectors per account (both SFTP and AS2 connectors contribute to this value) 50 MBps No

For storing the credentials for SFTP connectors, there are quotas associated with each Secrets Manager secret. If you use the same secret to store multiple types of keys, for multiple purposes, you may encounter these quotas.

  • Total length for a single secret: 12,000 characters

  • Maximum length of the Password string: 1024 characters

  • Maximum length of the PrivateKey string: 8192 characters

  • Maximum length of the Username string: 100 characters