NoteTransferSecurityPolicy-2020-06 is the default security policy attached to your server when creating a server using the console. TransferSecurityPolicy-2018-11 is the default security policy attached to your server when creating a server using the API or CLI.
The FIPS service endpoint and TransferSecurityPolicy-FIPS-2020-06 security policy is only available in some AWS Regions. For more information, see AWS Transfer Family endpoints and quotas in the AWS General Reference.
Cross-service confused deputy prevention
In the following examples, replace each user input placeholder with your own information.
In our examples, we use both ArnLike and ArnEquals. They are functionally identical, and therefore you may use either when you construct your policies. Transfer Family documentation uses ArnLike when the condition contains a wildcard character, and ArnEquals to indicate an exact match condition.
The following examples can be used in both logging and invocation roles.