Which solution will meet these requirements with the LEAST operational overhead and no changes to the customer’s application?
Set up AWS Transfer Family with SFTP for Amazon S3. Configure integrated Active Directory authentication.
Set up AWS Database Migration Service (AWS DMS) to synchronize the on-premises client with Amazon S3. Configure integrated Active Directory authentication.
Set up AWS DataSync to synchronize between the on-premises location and the S3 location by using AWS IAM Identity Center (AWS Single Sign-On).
Set up a Windows Amazon EC2 instance with SFTP to connect the on-premises client with Amazon S3. Integrate AWS Identity and Access Management (IAM).
Explanations:
AWS Transfer Family supports SFTP directly to Amazon S3 and can be configured to use Active Directory for authentication. This meets the requirement of allowing the customer to use their existing Active Directory without changing their application. It provides a managed service with low operational overhead.
AWS Database Migration Service (DMS) is primarily used for migrating databases, not for file transfer or synchronization with S3. It does not support SFTP or Active Directory integration for file access, making it unsuitable for the requirements.
AWS DataSync is used for transferring large amounts of data between on-premises storage and AWS storage services but does not provide SFTP support or allow direct SFTP access to S3. Additionally, it requires changes to the application to handle the data synchronization, which does not align with the requirement for no changes.
Setting up a Windows EC2 instance with SFTP involves more operational overhead, as it requires managing the instance and the SFTP service. While it can integrate with IAM, it does not directly provide Active Directory authentication and requires more manual configuration and maintenance compared to AWS Transfer Family.
I strategize that the answer is:
Set up AWS Transfer Family with SFTP for Amazon S3. Configure integrated Active Directory authentication.