AWS Transfer Family adds support for additional IAM condition keys

AWS Transfer Family IAM Condition Keys Update

AWS Transfer Family now supports four new service-specific condition keys for Identity and Access Management (IAM). Administrators can create more granular IAM policies and service control policies (SCPs) to restrict configurations for Transfer Family resources, enhancing security controls and compliance management.

IAM condition keys allow you to author policies that enforce access control based on API request context. With these new condition keys, you can control which protocols, endpoint types, and storage domains can be configured through policy conditions.

What to do

• Review the new IAM condition keys to understand how they can be used to enhance security controls.
• Update existing IAM policies and SCPs to incorporate the new condition keys.
• Test the new policies to ensure they meet your organization's security requirements.

The new IAM condition keys are available in all AWS Regions where AWS Transfer Family is available.

Source: AWS release notes