Which solution will meet these requirements with the LEAST operational overhead?
Configure an S3 File Gateway. Create SMB file shares on the file gateway that use the existing Active Directory to authenticate.
Configure an Auto Scaling group with Amazon EC2 instances to run an SFTP solution. Configure the group to scale up at 60% CPU utilization.
Create an AWS Transfer Family server with SFTP endpoints. Choose the AWS Directory Service option as the identity provider. Use AD Connector to connect the on-premises Active Directory.
Create an AWS Transfer Family SFTP endpoint. Configure the endpoint to use the AWS Directory Service option as the identity provider to connect to the existing Active Directory.
Explanations:
S3 File Gateway with SMB shares would allow file access via the SMB protocol, but it does not support SFTP directly. Additionally, it is not designed to handle user authentication for SFTP through AD.
Setting up an Auto Scaling group with EC2 instances for an SFTP solution would require significant operational overhead to manage the servers, security, and scaling configuration. It does not natively integrate with AD for SFTP.
AWS Transfer Family with SFTP endpoints and AWS Directory Service as the identity provider enables direct integration with AD via AD Connector. This meets the requirements with minimal operational overhead and native SFTP support.
Although this option uses AWS Transfer Family with the AWS Directory Service option, simply configuring the endpoint alone would not establish a connection with the on-premises AD; AD Connector is required for this integration.