I am currently looking at the best architecture for my company's SFTP process using AWS Transfer Family. Currently using third party SFTP software, we allow our external clients to sign in to our SFTP servers by way of:
- password authentication
or
- SSH keys
As my company migrates off our 3rd party software to AWS, we are hoping to keep the same authentication options for our clients (i have already looked into articles related to this).
However, for our internal business users, we are wanting to integrate AzureAD for authenticating our business users to our Transfer server.
My question is: Is it possible to set up 1 Transfer server that handles password & SSH authentication for external clients AND also AzureAD authentication for internal users? OR do I need to set up 2 separate Transfer servers: 1 for authenticating using password/SSH, 1 for authenticating using AzureAD?
Thank you!
thanks for confirming and providing documentation!