AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company wants to give a customer the ability to use on-premises Microsoft Active Directory to download files that are stored in Amazon S3. The customer's application uses an SFTP client to download the files.
Which solution will meet these requirements with the LEAST operational overhead and no changes to the customer's application?
Other
Community
UAnonymous
A
Set up AWS Transfer Family with SFTP for Amazon S3. Configure integrated Active Directory authentication.
B
Set up AWS Database Migration Service (AWS DMS) to synchronize the on-premises client with Amazon S3. Configure integrated Active Directory authentication.
C
Set up AWS DataSync to synchronize between the on-premises location and the S3 location by using AWS IAM Identity Center (AWS Single Sign-On).
D
Set up a Windows Amazon EC2 instance with SFTP to connect the on-premises client with Amazon S3. Integrate AWS Identity and Access Management (IAM).
Explanation:
Explanation
Correct Answer: A
AWS Transfer Family with SFTP is specifically designed for secure file transfers to and from Amazon S3 using SFTP, FTPS, and FTP protocols. It provides:
- Native Active Directory integration - Can directly authenticate users against on-premises Microsoft Active Directory
- Direct S3 integration - Files are stored directly in S3 buckets
- No application changes required - The customer's existing SFTP client can connect directly
- Least operational overhead - Fully managed service, no EC2 instances to manage
Why other options are incorrect:
B. AWS DMS - Designed for database migration/replication, not for SFTP file transfers. It doesn't provide SFTP endpoints for clients to connect to.
C. AWS DataSync - Designed for data synchronization between storage systems, not for providing SFTP access to end-users. It doesn't expose an SFTP endpoint for client applications.
D. Windows EC2 instance - Requires managing EC2 instances (operational overhead), patching, scaling, and security. While it could work with additional configuration, it has significantly more operational overhead compared to the managed AWS Transfer Family service.
Key AWS Services Knowledge:
- AWS Transfer Family: Managed file transfer service supporting SFTP, FTPS, FTP protocols
- Active Directory integration: Can connect to on-premises AD or AWS Managed Microsoft AD
- S3 integration: Files are stored directly in S3 buckets
- Managed service: No infrastructure to manage, scales automatically
This solution meets all requirements: SFTP access, Active Directory authentication, S3 storage, no application changes, and minimal operational overhead.
Comments
Loading comments...