Which solution meets these requirements?

By:
On:
In: SAP-C02
Tagged:
With: 0 Comments
A company operates an on-premises software-as-a-service (SaaS) solution that ingests several files daily.The company provides multiple public SFTP endpoints to its customers to facilitate the file transfers.The customers add the SFTP endpoint IP addresses to their firewall allow list for outbound traffic.Changes to the SFTP endpoint IP addresses are not permitted.The company wants to migrate the SaaS solution to AWS and decrease the operational overhead of the file transfer service.

Which solution meets these requirements?

Register the customer-owned block of IP addresses in the company’s AWS account. Create Elastic IP addresses from the address pool and assign them to an AWS Transfer for SFTP endpoint. Use AWS Transfer to store the files in Amazon S3.

Add a subnet containing the customer-owned block of IP addresses to a VPC. Create Elastic IP addresses from the address pool and assign them to an Application Load Balancer (ALB). Launch EC2 instances hosting FTP services in an Auto Scaling group behind the ALStore the files in attached Amazon Elastic Block Store (Amazon EBS) volumes.

Register the customer-owned block of IP addresses with Amazon Route 53. Create alias records in Route 53 that point to a Network Load Balancer (NLB). Launch EC2 instances hosting FTP services in an Auto Scaling group behind the NLB. Store the files in Amazon S3.

Register the customer-owned block of IP addresses in the company’s AWS account. Create Elastic IP addresses from the address pool and assign them to an Amazon S3 VPC endpoint. Enable SFTP support on the S3 bucket.

Explanations:

AWS Transfer for SFTP supports integration with Amazon S3 for file storage. Assigning Elastic IPs from the customer-owned IP block to the AWS Transfer for SFTP endpoint allows the company to maintain the same IPs. This solution reduces operational overhead and ensures compliance with the customer’s firewall allow-list requirements.

While it uses customer-owned IP addresses and EC2 instances, it introduces unnecessary complexity (e.g., managing FTP services and Auto Scaling groups), which increases operational overhead compared to a simpler solution like AWS Transfer for SFTP. Additionally, using Elastic Block Store (EBS) for storage isn’t optimal compared to Amazon S3.

While it uses customer-owned IPs and Amazon EC2 instances, it introduces additional complexity (e.g., managing FTP services) and the solution doesn’t fully address the need for managing file transfers in a simple and scalable way. Also, FTP is not natively supported by Amazon S3.

An Amazon S3 VPC endpoint does not support SFTP natively. Additionally, S3 endpoints are not designed for direct management of file transfers like FTP or SFTP. The correct service for SFTP is AWS Transfer for SFTP, not an S3 VPC endpoint.

Leave a Reply

Your email address will not be published. Required fields are marked *

10 − seven =