Discover how to migrate your on-premises SFTP site to AWS with high availability, using AWS Transfer Family and Amazon EFS, while providing static public IP addresses for external vendors.
Question
A company needs to migrate an on-premises SFTP site to AWS. The SFTP site currently runs on a Linux VM. Uploaded files are made available to downstream applications through an NFS share.
As part of the migration to AWS, a solutions architect must implement high availability. The solution must provide external vendors with a set of static public IP addresses that the vendors can allow. The company has set up an AWS Direct Connect connection between its on-premises data center and its VPC.
Which solution will meet these requirements with the LEAST operational overhead?
A. Create an AWS Transfer Family server. Configure an internet-facing VPC endpoint for the Transfer Family server. Specify an Elastic IP address for each subnet. Configure the Transfer Family server to place files into an Amazon Elastic File System (Amazon EFS) file system that is deployed across multiple Availability Zones. Modify the configuration on the downstream applications that access the existing NFS share to mount the EFS endpoint instead.
B. Create an AWS Transfer Family server. Configure a publicly accessible endpoint for the Transfer Family server. Configure the Transfer Family server to place files into an Amazon Elastic File System (Amazon EFS) file system that is deployed across multiple Availability Zones. Modify the configuration on the downstream applications that access the existing NFS share to mount the EFS endpoint instead.
C. Use AWS Application Migration Service to migrate the existing Linux VM to an Amazon EC2 instance. Assign an Elastic IP address to the EC2 instance. Mount an Amazon Elastic File System (Amazon EFS) file system to the EC2 instance. Configure the SFTP server to place files in the EFS file system. Modify the configuration on the downstream applications that access the existing NFS share to mount the EFS endpoint instead.
D. Use AWS Application Migration Service to migrate the existing Linux VM to an AWS Transfer Family server. Configure a publicly accessible endpoint for the Transfer Family server. Configure the Transfer Family server to place files into an Amazon FSx for Lustre file system that is deployed across multiple Availability Zones. Modify the configuration on the downstream applications that access the existing NFS share to mount the FSx for Lustre endpoint instead.
Answer
A. Create an AWS Transfer Family server. Configure an internet-facing VPC endpoint for the Transfer Family server. Specify an Elastic IP address for each subnet. Configure the Transfer Family server to place files into an Amazon Elastic File System (Amazon EFS) file system that is deployed across multiple Availability Zones. Modify the configuration on the downstream applications that access the existing NFS share to mount the EFS endpoint instead.
Explanation
This solution meets the requirements with the least operational overhead by leveraging AWS managed services and minimizing the need for EC2 instance management.
AWS Transfer Family is a fully managed SFTP service that eliminates the need to provision and manage SFTP servers. Configuring an internet-facing VPC endpoint with Elastic IP addresses provides external vendors with a set of static public IP addresses they can allow for secure SFTP access.
Amazon EFS is a highly available and durable file storage service that can be deployed across multiple Availability Zones, ensuring high availability. Configuring the Transfer Family server to place files into an EFS file system allows downstream applications to mount the EFS endpoint directly, without the need for additional NFS servers or EC2 instances.
This solution reduces operational overhead by utilizing managed services for SFTP and file storage, while also providing high availability through the multi-AZ deployment of EFS. The Direct Connect connection can be used for secure and low-latency communication between the VPC and on-premises data center, if needed.
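The checks below are an added example, not part of the original explanation or any AWS tooling: a small Python lint that tests a Transfer Family server definition against the question's requirements (static public IPs, multiple Availability Zones, EFS storage). The dictionary keys follow the CreateServer request shape; the function name, the subnet-to-AZ map and all resource IDs are constructed for illustration.

```python
# Added example. Keys follow the Transfer Family CreateServer request shape;
# every ID below is a constructed placeholder.

def check_transfer_server(params, subnet_az):
    """Return findings; an empty list means the definition gives vendors
    static public IPs, spans multiple AZs and stores files in EFS."""
    findings = []
    details = params.get("EndpointDetails", {})
    subnets = details.get("SubnetIds", [])
    eips = details.get("AddressAllocationIds", [])

    if params.get("EndpointType") != "VPC":
        # Option B/D style endpoint: addresses are service-managed.
        findings.append("endpoint: only a VPC endpoint can carry Elastic IPs")
    else:
        if not eips:
            findings.append("static-ip: no Elastic IP allocation IDs set")
        elif len(eips) != len(subnets) or len(set(eips)) != len(eips):
            findings.append("static-ip: need one distinct Elastic IP per subnet")
        # subnet_az maps subnet ID -> Availability Zone (supplied by the
        # caller, e.g. from a describe-subnets export).
        zones = {subnet_az[s] for s in subnets if s in subnet_az}
        if len(zones) < 2:
            findings.append("ha: endpoint subnets cover fewer than two AZs")
    if params.get("Domain", "S3") != "EFS":  # the API default is S3
        findings.append("storage: Domain must be EFS for NFS consumers")
    return findings


SUBNET_AZ = {"subnet-aaaa1111": "us-east-1a", "subnet-bbbb2222": "us-east-1b"}

OPTION_A = {  # internet-facing VPC endpoint, one Elastic IP per subnet
    "Protocols": ["SFTP"],
    "Domain": "EFS",
    "EndpointType": "VPC",
    "EndpointDetails": {
        "VpcId": "vpc-cccc3333",
        "SubnetIds": ["subnet-aaaa1111", "subnet-bbbb2222"],
        "AddressAllocationIds": ["eipalloc-dddd4444", "eipalloc-eeee5555"],
    },
}

OPTION_B = {"Protocols": ["SFTP"], "Domain": "EFS", "EndpointType": "PUBLIC"}

if __name__ == "__main__":
    for name, cfg in (("A", OPTION_A), ("B", OPTION_B)):
        print(name, check_transfer_server(cfg, SUBNET_AZ) or "ok")
```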
Practice question and answer with detailed explanation for the Amazon AWS Certified Solutions Architect – Professional SAP-C02 certification exam.