AWS has recently introduced support for Amazon EFS as a data store in the AWS Transfer Family, the managed service that handles SFTP, FTP and FTPS requests. The new option is intended to simplify migrating file transfer workloads to the cloud.
Since the service launched in 2018, AWS Transfer Family has supported S3 as a data store for SFTP file transfers and covered use cases such as data distribution, supply chain workflows, content management, and web serving applications. Earlier in 2020, AWS added support for FTP and FTPS, as well as the ability to handle Elastic IP addresses and IP whitelisting. Nevertheless, migrating an FTP server to the cloud still required significant changes, because there was no support for a file system interface or file system access semantics, which affected end users and application integrations.
Source: https://aws.amazon.com/about-aws/whats-new/2021/01/introducing-aws-transfer-family-support-for-amazon-efs
Fabio Chiodini, principal solutions architect at AWS, tweeted that the new capability targets enterprises and older projects more than startups:
"If you have an old school app this is for you ;) AWS Transfer Family now supports Amazon EFS file systems, enabling you to easily and securely provide your business apps and end users access over SFTP, FTPS, and FTP to files stored in Amazon EFS."
Amazon EFS is a managed service for creating file systems that are accessible via a file system interface using the Network File System version 4 protocol. With Amazon EFS as the data store for the AWS Transfer Family server, files transferred over SFTP, FTP and FTPS are stored in the elastic file system instead of an S3 bucket. This allows integration with EC2 instances as well as with more recent AWS managed services supporting EFS, such as Amazon Elastic Container Service, Amazon Elastic Kubernetes Service, AWS Fargate and AWS Lambda.
Justin Cormack, security lead at Docker, thinks that AWS is going "legacy native":
"FTP to EFS so that legacy apps running in VMs can deal with legacy FTP based protocols. The cloud is no longer cloud native, Amazon listens to customers and is going legacy native."
In an article that covers the new announcement and describes the steps to create users and policies and to configure the new option, Channy Yun, principal developer advocate at AWS, explains how to set up access to EFS:
"Amazon EFS uses POSIX IDs which consist of an operating system user id, group id, and secondary group id to control access to a file system. When setting up your user, you can specify the username, user’s POSIX configuration, and an IAM role to access the EFS file system."
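The user setup described above (username, POSIX profile, IAM role) can be checked before it reaches the service. The following is an added example, not code from the AWS article: it builds the parameters for the Transfer Family CreateUser call and rejects over-privileged profiles. The helper names, the sample values, the assumed `/fs-id/path` home directory form and the policy choices (no uid/gid 0, home directory below the file system root) are assumptions of this example.

```python
import re

ROLE_ARN = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/.+$")
# Assumed home directory form for an EFS-backed user: /<file-system-id>/<sub/dir>
EFS_HOME = re.compile(r"^/fs-[0-9a-f]{8,40}(/[^/]+)+$")
MAX_ID = 2**32 - 1


def build_efs_user(server_id, user_name, role_arn, uid, gid, home, secondary_gids=()):
    """Return kwargs for the Transfer Family CreateUser call, or raise ValueError."""
    ids = [uid, gid, *secondary_gids]
    if any(not isinstance(i, int) or isinstance(i, bool) or not 0 <= i <= MAX_ID for i in ids):
        raise ValueError("POSIX IDs must be integers in 0..2^32-1")
    if 0 in ids:
        # uid/gid 0 is the root identity, which POSIX permission bits do not restrain
        raise ValueError("refusing root POSIX identity (uid/gid 0)")
    if not ROLE_ARN.match(role_arn):
        raise ValueError("Role must be an IAM role ARN")
    if not EFS_HOME.match(home) or ".." in home.split("/"):
        raise ValueError("home must be a subdirectory: /<fs-id>/<path>")
    return {
        "ServerId": server_id,
        "UserName": user_name,
        "Role": role_arn,
        "HomeDirectory": home,
        "PosixProfile": {"Uid": uid, "Gid": gid, "SecondaryGids": list(secondary_gids)},
    }


def rejected(**kw):
    """Return the validation error message for a profile, or None if it is accepted."""
    try:
        build_efs_user(**kw)
    except ValueError as exc:
        return str(exc)
    return None


# Constructed sample values, not taken from the article.
SAMPLE = dict(
    server_id="s-0123456789abcdef0",
    user_name="partner-upload",
    role_arn="arn:aws:iam::123456789012:role/transfer-efs-access",
    uid=1001, gid=1001, secondary_gids=(2001,),
    home="/fs-0123abcd/partners/partner-upload",
)

if __name__ == "__main__":
    print(build_efs_user(**SAMPLE))
    print(rejected(**{**SAMPLE, "uid": 0}))
```

The returned dictionary matches the keyword arguments of the boto3 `transfer` client's `create_user` method, so it can be passed as `client.create_user(**params)` once validated.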
The support for EFS is available in all AWS Regions where AWS Transfer Family is available. There are no additional AWS Transfer Family charges for using Amazon EFS as the storage backend, but storing data on Amazon EFS is significantly more expensive than on Amazon S3.