1. Thorn Technologies Avatar Thorn Technologies
  2. Products
  3. sftpgateway-public

Wiki

Clone wiki

sftpgateway-public / SFTP Gateway 2.0 Usage Instructions CloudFormation Single

View History

This guide walks you through launching SFTP Gateway with CloudFormation from the AWS Marketplace.

Launch this software | Usage Instructions

On this page, you only have one form field:

Choose Action

Select Launch CloudFormation, and click Launch.

This takes you to the CloudFormation Create Stack wizard, with the template pre-loaded. Click Next.

Configure CloudFormation parameters

On the Specify stack details page, you will need to configure some CloudFormation parameters.

Stack name

This is the name of your CloudFormation stack.

Default Bucket

Enter the name of your S3 bucket. You can use either a new or existing bucket.

Here are some restrictions on naming your S3 bucket:

  • Cannot contain uppercase letters
  • Can contain lowercase letters, numbers, periods (not recommended), and hyphens
  • Must be fewer than 63 characters

Bucket Access

This parameter determines whether S3 permissions are broad or restrictive.

  • open: SFTP Gateway is granted S3 Full Access. This is helpful if you plan on using a different S3 bucket for each SFTP user. We recommend locking down S3 access after your users are configured.
  • restricted: S3 access is limited to the default bucket. This improves your security posture by protecting your other S3 buckets from administrators with shell access to the SFTP Gateway instance.

EC2Type

For testing, use a t2.medium. The t2 class is cheaper, but cannot handle sustained traffic.

For production, use an m5.large or better.

Disk Volume Size

This is set to 32 GB by default. Set this to a higher value if you plan on transferring large batches of data.

For a single instance stack, you can increase the size of your instance volume later on.

Key Pair

Select a key pair of which you own the private key

VPC

Select the option with the IP address range of 172.31.0.0/16. This is your default VPC, which is public by default.

Subnet ID

Select any option with the IP address range of 172.31.x.0/20. These subnets belong to the default VPC.

Input CIDR

Get your current IP address from http://checkip.dyndns.org/.

Then enter this IP address, followed by /32. For example, 1.2.3.4/32. The /32 suffix represents a network range of a single address.

Web Admin Password

Enter an admin password. You'll later use this to log into the web interface for user management.

Updated