Logo
AWS Certified Solutions Architect - Professional / Question #821 of 529

Question #821

A company needs to migrate an on-premises SFTP server to AWS. The server runs on a Linux VM, and uploaded files are accessed by downstream applications via an NFS share. The solution must ensure high availability, provide external vendors with static public IP addresses for allowlisting, and leverage an existing AWS Direct Connect connection. Which solution meets these requirements with the LEAST operational overhead?

A

Deploy an AWS Transfer Family server with an internet-facing VPC endpoint, assigning Elastic IP addresses to each subnet. Configure the server to store files in a multi-AZ Amazon EFS file system. Update downstream applications to mount the EFS endpoint instead of the NFS share.
B

Deploy an AWS Transfer Family server with a public endpoint. Configure the server to store files in a multi-AZ Amazon EFS file system. Assign a single Elastic IP to the server. Update downstream applications to mount the EFS endpoint instead of the NFS share.
C

Migrate the Linux VM to an EC2 instance using AWS Application Migration Service. Configure an Auto Scaling group across multiple Availability Zones with Elastic IPs. Mount an Amazon EFS file system to the instance. Update downstream applications to mount the EFS endpoint instead of the NFS share.
D

Deploy an AWS Transfer Family server with a public endpoint. Configure the server to store files in a multi-AZ Amazon FSx for NetApp ONTAP file system. Assign Elastic IPs to the server. Update downstream applications to mount the FSx endpoint instead of the NFS share.

Explanation

Option A is correct because:
- AWS Transfer Family provides a managed SFTP solution, reducing operational overhead.
- Internet-facing VPC endpoint with Elastic IPs (EIPs) per subnet ensures high availability (HA) and static public IPs for vendor allowlisting.
- Multi-AZ Amazon EFS offers HA storage compatible with NFS, allowing downstream apps to mount EFS seamlessly.

Other options fail because:
- B uses a single EIP, compromising HA and static IP requirements.
- C involves EC2 instances with ASG and EIPs, increasing management complexity.
- D uses FSx for ONTAP, which introduces unnecessary complexity compared to EFS.

Key Points: Use managed services (Transfer Family, EFS) for HA and low overhead; assign EIPs per subnet for static IPs; leverage EFS for NFS compatibility.

Answer

The correct answer is: A