Stay organized with collections
Save and categorize content based on your preferences.
This document describes data that we retain while performing transfers for
Storage Transfer Service. This data is necessary to complete transfers on
your behalf, but isn't directly related to the data that you're transferring.
User credentials
To complete a transfer job, you supply us with user credentials that we use
to complete transfer jobs on your behalf. We encrypt and retain the user
credentials for as long as a
TransferJob
exists. We delete the user credentials provided when the associated
TransferJob is deleted.
The following account types are examples of user credentials that we retain
for the duration of a TransferJob to complete work on your behalf:
Amazon S3
Microsoft Azure Storage
When using
federated identity
to authenticate to Amazon S3, AWS provides temporary credentials to
Storage Transfer Service. Temporary credentials expire after a set period,
after which they cannot be used to access your S3 resources. See
Temporary security credentials in IAM for more details.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-28 UTC."],[],[],null,["# Data retention\n\nThis document describes data that we retain while performing transfers for\nStorage Transfer Service. This data is necessary to complete transfers on\nyour behalf, but isn't directly related to the data that you're transferring.\n\nUser credentials\n----------------\n\nTo complete a transfer job, you supply us with user credentials that we use\nto complete transfer jobs on your behalf. We encrypt and retain the user\ncredentials for as long as a\n[`TransferJob`](/storage-transfer/docs/reference/rest/v1/transferJobs#resource:-transferjob)\nexists. We delete the user credentials provided when the associated\n`TransferJob` is deleted.\n\nThe following account types are examples of user credentials that we retain\nfor the duration of a `TransferJob` to complete work on your behalf:\n\n- Amazon S3\n- Microsoft Azure Storage\n\nWhen using\n[federated identity](/storage-transfer/docs/source-amazon-s3#federated_identity)\nto authenticate to Amazon S3, AWS provides temporary credentials to\nStorage Transfer Service. Temporary credentials expire after a set period,\nafter which they cannot be used to access your S3 resources. See\n[Temporary security credentials in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) for more details."]]
