Amazon Transfer Family now supports VPC endpoint policies
Amazon Transfer Family now supports Virtual Private Cloud (VPC) endpoint policies for your VPC endpoints. With this feature, administrators can attach an endpoint policy to an interface VPC endpoint, allowing granular access control over Transfer Family APIs for improved data protection and security posture.
Previously, customers had full access to Transfer Family APIs through an interface VPC endpoint, powered by Amazon PrivateLink. With this launch, you can now manage which Transfer Family API actions (CreateServer, StartServer, DeleteServer, etc) can be performed, which principals can perform them, and which resources they can act upon. These policies work with existing IAM user and role policies and organizational service control policies.
VPC endpoint policy support is available in Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD. To learn more, visit our user guide.