- Newest
- Most votes
- Most comments
Right now it's not possible to use the predefined decrypt step with additional conditions like you described. If you upload through the Transfer Family endpoint a file which is not encrypted with PGP, the predefined decrypt step will generate an exception. You can configure exception-handling steps to take the desired actions when the decryption fails. Please take a look at this blog post for additional details.
Relating to this question - if I were to turn on the predefined decrypt step and I have both PGP-encrypted and non-encrypted files on my server, will I still be charged for the non-encrypted files that generate an exception, or will we only be billed for the files that are successfully decrypted?
Would there be any downside to using the step and just letting the non-encrypted files attempts to be decrypted fail silently when the decryption is attempted?
Hi! No, you will not be charged for files that are not decrypted and generate an exception. There isn't any downside of letting decryption fail silently for non-encrypted files, but suggest that you define your exception handling steps carefully to ensure that the cause of the error in nominal steps was infact that the file was non-encrypted, and not because the decryption step genuinely failed to process an encrypted file due to some other reason.
Hi @cmyers - Thanks for your question. I'm a Product Manger with Transfer Family, and as we evaluate improvements to this feature with ability to define workflows more granularly, would like to understand your use-case better. Can we pls speak over a quick 15 min call sometime? Let me know how can I reach out to you offline, or feel free to reach out to me on vinamraj@amazon.com. Many thanks!
Relevant content
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
Thank you! That's what I thought but wanted confirmation. Do you know if there's a plan to add conditional execution or filters of some kind in the future? (i.e. only PGP decrypt if the file matches the pattern
*.pgp?)You're welcome! I'm not aware of this filtering in the service roadmap but I will let the engineering team about your request. We are always open to suggestions to improve AWS Transfer Family!
If I were to turn on the predefined decrypt step and I have both PGP-encrypted and non-encrypted files on my server, will I still be charged for the non-encrypted files that generate an exception, or will we only be billed for the files that are successfully decrypted?
Would there be any downside to using the step and just letting the non-encrypted files attempts to be decrypted fail silently when the decryption is attempted?