I’ve a use case as below.
I’ve multiple clients situated at different locations and using different technologies. I want to create one SFTP on AWS where each client can upload their files. Each client should be given different credentials and PGP keys. Encrypted files uploaded by the clients will be decrypted at our end and uploaded to DB. After uploading, data will be processed and output files will be generated, which again need to be uploaded to SFTP so that the client can download and decrypt them.
- Two sets of PGP keys. One shared by client and it will be used by him for encrypting files that he is sharing and we will be using its public key to decrypt. Another set of PGP keys will be shared by us where we encrypt output file with our private key and client decrypts this file with our provided public key.
- We will have the below structure for data upload and download.

  **ClientID**
  **--Inbound**
  **--Raw** (Folder for client to upload encrypted input files. He will have Read and Write access.)
  **--Processed** (Only we will have Read and Write access as files after processing will be moved to this location.)
  **--Outbound** (Folder accessible by our application to upload encrypted output file here.)
  **--Output** (We will have Read and Write access and client will have only Read access.)
- Lifecycle policies should be implemented so that data purging and archival can help in cost saving.
- Each client should have different credentials.
I’ve gone through a lot of blogs and videos on this but there are many confusions and doubts. Requesting your help.
Regards,
Manoj
I’m not able to find the difference between SFTP created using S3 and EFS.
I’m not able to find how each client can have different access credentials.
I’m not able to find how security can be maintained so that each client has only limited access to his own folder and not for others.
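
The folder permissions described in the question, written as a per-client S3 IAM policy document. This is an added example and not part of the original post. It assumes S3-backed storage, a hypothetical bucket name, constructed client IDs, and that Raw and Processed sit under Inbound and Output under Outbound:

```python
import re
from fnmatch import fnmatchcase

# Hypothetical bucket name; client IDs used with it are constructed sample values.
BUCKET = "example-sftp-bucket"


def client_policy(client_id: str, bucket: str = BUCKET) -> dict:
    """Build an IAM policy document for one client's folder tree."""
    # Reject IDs containing '/', '*' or '?', which would widen the ARN patterns.
    if not re.fullmatch(r"[A-Za-z0-9_-]+", client_id):
        raise ValueError(f"invalid client id: {client_id!r}")
    base = f"arn:aws:s3:::{bucket}/{client_id}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # Listing limited to the two folders the client may see.
                "Sid": "ListOwnFolders",
                "Effect": "Allow",
                "Action": ["s3:ListBucket"],
                "Resource": [f"arn:aws:s3:::{bucket}"],
                "Condition": {"StringLike": {"s3:prefix": [
                    f"{client_id}/Inbound/Raw/*",
                    f"{client_id}/Outbound/Output/*",
                ]}},
            },
            {   # Inbound/Raw: client reads and writes encrypted input files.
                "Sid": "RawReadWrite",
                "Effect": "Allow",
                "Action": ["s3:GetObject", "s3:PutObject"],
                "Resource": [f"{base}/Inbound/Raw/*"],
            },
            {   # Outbound/Output: client may only download.
                "Sid": "OutputReadOnly",
                "Effect": "Allow",
                "Action": ["s3:GetObject"],
                "Resource": [f"{base}/Outbound/Output/*"],
            },
            # No statement covers Inbound/Processed, so it is implicitly denied.
        ],
    }


def allowed(policy: dict, action: str, key: str, bucket: str = BUCKET) -> bool:
    """Simplified check of object-level Allow statements (not a full IAM evaluator)."""
    arn = f"arn:aws:s3:::{bucket}/{key}"
    return any(
        s["Effect"] == "Allow" and action in s["Action"]
        and any(fnmatchcase(arn, r) for r in s["Resource"])
        for s in policy["Statement"]
    )
```

Because every resource pattern starts with the client's own ID, one client's policy never matches another client's prefix; the `allowed` helper only illustrates that and does not replace testing against real IAM evaluation.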