AWS Certified Solutions Architect - Associate / Question #1736 of 1019

Question #1736

A company wants to migrate an on-premises legacy application to AWS. The application processes inventory data files from an on-premises supply chain management (SCM) system. The application transfers the files to an SFTP server. The application uses a scheduled task that checks for new files every 30 minutes.

The company has an existing AWS account with connectivity to the on-premises network. The new AWS application must integrate with the SCM system, ensure security and resilience, and use the SFTP protocol to process inventory files immediately upon arrival.

Which solution meets these requirements?

A

Create an AWS Transfer Family SFTP internet-facing server in two Availability Zones. Use Amazon S3 storage. Configure an AWS Lambda function to process files. Use S3 Event Notifications to trigger the Lambda function for s3:ObjectCreated:* events.

B

Deploy an AWS Transfer Family SFTP internet-facing server in one Availability Zone. Use Amazon EFS storage. Create an AWS Lambda function to process files. Use a Transfer Family managed workflow to invoke the Lambda function.

C

Set up an AWS Transfer Family SFTP internal server in two Availability Zones. Use Amazon EFS storage. Design an AWS Step Functions state machine to process files. Use Amazon EventBridge Scheduler to periodically trigger the state machine to check EFS for new files.

D

Deploy an AWS Transfer Family SFTP internal server in two Availability Zones. Use Amazon S3 storage. Create an AWS Lambda function to process files. Use a Transfer Family managed workflow to invoke the Lambda function immediately upon file upload.

Explanation

Answer D is correct because:
1. Internal SFTP Server: The company has existing AWS-to-on-premises connectivity, so an internal server (not internet-facing) lets the SCM system reach the SFTP endpoint over that private connectivity, which aligns with secure network integration.
2. Resilience: Deploying in two Availability Zones ensures high availability.
3. Immediate Processing: Transfer Family managed workflows trigger Lambda immediately upon file upload, eliminating the need for scheduled checks.
4. S3 Storage: S3 is scalable and integrates natively with Lambda via workflows.

Other options fail because:
- A: Uses an internet-facing server unnecessarily and relies on S3 events, which may introduce slight delays.
- B: Deploys in one AZ (no resilience) and uses EFS, which is less suitable for SFTP storage.
- C: Relies on periodic checks via EventBridge, violating the 'immediate processing' requirement.

Key Points:
- Use internal Transfer Family servers for secure on-premises integration.
- Managed workflows enable real-time triggers for Lambda.
- Multi-AZ deployment ensures resilience.

Answer

The correct answer is: D