Answer: Set up AWS Transfer Family with SFTP for Amazon S3. Configure integrated Active Directory authentication.

## Explanation **Correct Answer: A** AWS Transfer Family with SFTP is specifically designed for secure file transfers to and from Amazon S3 using SFTP, FTPS, and FTP protocols. It provides: 1. **Native Active Directory integration** - Can directly authenticate users against on-premises Microsoft Active Directory 2. **Direct S3 integration** - Files are stored directly in S3 buckets 3. **No application changes required** - The customer's existing SFTP client can connect directly 4. **Least operational overhead** - Fully managed service, no EC2 instances to manage **Why other options are incorrect:** **B. AWS DMS** - Designed for database migration/replication, not for SFTP file transfers. It doesn't provide SFTP endpoints for clients to connect to. **C. AWS DataSync** - Designed for data synchronization between storage systems, not for providing SFTP access to end-users. It doesn't expose an SFTP endpoint for client applications. **D. Windows EC2 instance** - Requires managing EC2 instances (operational overhead), patching, scaling, and security. While it could work with additional configuration, it has significantly more operational overhead compared to the managed AWS Transfer Family service. **Key AWS Services Knowledge:** - **AWS Transfer Family**: Managed file transfer service supporting SFTP, FTPS, FTP protocols - **Active Directory integration**: Can connect to on-premises AD or AWS Managed Microsoft AD - **S3 integration**: Files are stored directly in S3 buckets - **Managed service**: No infrastructure to manage, scales automatically This solution meets all requirements: SFTP access, Active Directory authentication, S3 storage, no application changes, and minimal operational overhead.

Author: LeetQuiz Editorial Team