Working with security policies

• Note We support TLS 1.2.

• Note TransferSecurityPolicy-2020-06 is the default security policy attached to your server when creating a server using the console. TransferSecurityPolicy-2018-11 is the default security policy attached to your server when creating a server using the API or CLI.

• Note The FIPS service endpoint and TransferSecurityPolicy-FIPS-2020-06 security policy is only available in some AWS Regions. For more information, see AWS Transfer Family endpoints and quotas in the AWS General Reference.

Cross-service confused deputy prevention

• Note In the following examples, replace each user input placeholder with your own information.

• Note In our examples, we use both ArnLike and ArnEquals. They are functionally identical, and therefore you may use either when you construct your policies. Transfer Family documentation uses ArnLike when the condition contains a wildcard character, and ArnEquals to indicate an exact match condition.

• Note The following examples can be used in both logging and invocation roles.