Q56 — AWS SAP-C02 Ch.2

Question 56 of 75 | ← Chapter 2

Q206. A company operates an on-premises software-as-a-service (SaaS) solution that ingests several files daily. The company provides multiple public SFTP endpoints to its customers to facilitate the file transfers. The customers and the SFTP endpoint IP addresses to their firewall allow list for outbound traffic. Changes to the SFTP endpoint IP addresses are not permitted. The company wants to migrate the SaaS solution to AWS and decrease the operational overhead of the file transfer service. Which solution meets these requirements?

Correct Answer: A. Register the customer-owned block of IP addresses in the company's AWS account. Create Elastic IP addresses from the address pool and assign them to an AWS Transfer for SFTP endpoint. Use AWS Transfer to store the files in Amazon S3.

Explanation

Option B suggests using an Application Load Balancer (ALB) to host FTP services behind EC2 instances in an Auto Scaling group with attached Amazon EBS volumes, which increases operational overhead and complexity. Option C suggests using Amazon Route 53 to create alias records that point to a Network Load Balancer (NLB) with EC2 instances hosting FTP services behind it, which also adds unnecessary complexity to the solution. Option D suggests creating an Amazon S3 VPC endpoint with Elastic IP addresses assigned from the customer-owned block of IP addresses, but it does not provide a direct solution for facilitating file transfers through SFTP endpoints. Therefore, option A provides the most straightforward solution to meet the given requirements. Register the customer-owned block of IP addresses in the company's AWS account, create Elastic IP addresses from the address pool, and assign them to an AWS Transfer for SFTP endpoint. AWS Transfer can then be used to store the files in Amazon S3, reducing the operational overhead of the file transfer service while allowing customers to continue using their existing SFTP endpoints and firewall allow lists.