AWS Certified Solutions Architect - Professional
Get started today
Ultimate access to all questions.
A company is currently using an SFTP server on a single Amazon EC2 instance with an Elastic IP for file transfers accessible over the internet. Customers access this server via its Elastic IP using SSH for authentication, and the EC2 instance's security group permits access from all known customer IP addresses. A solutions architect needs to enhance the system's availability and simplify infrastructure management without altering the customer's connection method. What solution should the architect implement to meet these criteria?
A company is currently using an SFTP server on a single Amazon EC2 instance with an Elastic IP for file transfers accessible over the internet. Customers access this server via its Elastic IP using SSH for authentication, and the EC2 instance's security group permits access from all known customer IP addresses. A solutions architect needs to enhance the system's availability and simplify infrastructure management without altering the customer's connection method. What solution should the architect implement to meet these criteria?
Explanation:
Option B is the correct answer. It involves detaching the Elastic IP from the current EC2 instance and establishing an Amazon S3 bucket for SFTP file storage. An AWS Transfer Family server is set up with a VPC-based, internet-facing endpoint. The existing Elastic IP is reassigned to this new endpoint, and the security group used by customers is applied to it. This ensures the same connection method for customers while improving availability and simplifying infrastructure management with minimal disruption. Additionally, the files are synced from the current SFTP server to the S3 bucket, ensuring seamless integration.