Question #668
A company operates a document repository application on a single Windows Amazon EC2 instance in a staging environment. The application stores and retrieves files on a 3 TB Amazon Elastic Block Store (Amazon EBS) volume attached as the root device. The company aims to transition this application to production as a fault-tolerant and highly available system, deploying it across three EC2 instances spanning multiple Availability Zones. A solutions architect must design a solution that integrates the instances with an Active Directory domain and enforces Windows ACLs for file access control. The application requires all instances to have identical, synchronized content at all times. Which solution meets these requirements with the LEAST operational complexity?
Create an Amazon Elastic File System (Amazon EFS) file share. Configure an Auto Scaling group spanning three Availability Zones with a minimum of three instances. Use a user data script to install the application, join the domain, and mount the EFS share.
Generate a new AMI from the existing EC2 instance. Deploy an Amazon FSx for Lustre file system. Configure an Auto Scaling group across three Availability Zones with three instances. Use a user data script to join the domain and mount the FSx for Lustre file system.
Deploy an Amazon FSx for Windows File Server file system. Configure an Auto Scaling group across three Availability Zones with three instances. Use a user data script to install the application and mount the FSx file system. Seamlessly join the instances to the Active Directory domain.
Create a new AMI from the current EC2 instance. Set up an Amazon EFS file system. Configure an Auto Scaling group across three Availability Zones with three instances. Perform a seamless domain join for Active Directory integration.
Explanation
Answer C is correct because:
1. Amazon FSx for Windows File Server is designed for Windows environments, natively supporting Active Directory integration and Windows ACLs, which are critical requirements.
2. FSx provides a shared file system accessible by multiple EC2 instances across Availability Zones, ensuring all instances have identical, synchronized content.
3. Using an Auto Scaling group with a user data script to mount the FSx file system and join the domain minimizes operational complexity.
Other options are incorrect because:
- A & D: Amazon EFS is optimized for Linux, not Windows, and lacks native Windows ACL/Active Directory support.
- B: FSx for Lustre is designed for high-performance computing (HPC) and does not support Windows ACLs or Active Directory integration.
Key Points: Use FSx for Windows for Windows-based shared storage with Active Directory/ACL requirements; EFS is Linux-focused; FSx for Lustre is HPC-oriented.
Answer
The correct answer is: C