SAP-C02 第 290 题
题目
A company is serving files to its customers through an SFTP server that is accessible over the internet. The SFTP server is running on a single Amazon EC2 instance with an Elastic IP address attached. Customers connect to the SFTP server through its Elastic IP address and use SSH for authentication. The EC2 instance also has an attached security group that allows access from all customer IP addresses. A solutions architect must implement a solution to improve availability, minimize the complexity of infrastructure management, and minimize the disruption to customers who access files. The solution must not change the way customers connect. Which solution will meet these requirements?
中文翻译:
一家公司通过可通过互联网访问的 SFTP 服务器向其客户提供文件。 SFTP 服务器在附加了弹性 IP 地址的单个 Amazon EC2 实例上运行。客户通过其弹性IP地址连接到SFTP服务器并使用SSH进行身份验证。 EC2 实例还具有一个附加的安全组,允许从所有客户 IP 地址进行访问。解决方案架构师必须实施一个解决方案来提高可用性、最大限度地降低基础设施管理的复杂性,并最大限度地减少对访问文件的客户的干扰。该解决方案不得改变客户的连接方式。哪种解决方案可以满足这些要求?
选项
A. Disassociate the Elastic IP address from the EC2 instance. Create an Amazon S3 bucket to be used for SFTP file hosting. Create an AWS Transfer Family server. Configure the Transfer Family server with a publicly accessible endpoint. Associate the SFTP Elastic IP address with the new endpoint. Point the Transfer Family server to the S3 bucket. Sync all files from the SFTP server to the S3 bucket.
中文翻译:
取消弹性 IP 地址与 EC2 实例的关联。创建用于 SFTP 文件托管的 Amazon S3 存储桶。创建 AWS Transfer Family 服务器。使用可公开访问的端点配置 Transfer Family 服务器。将 SFTP 弹性 IP 地址与新端点关联。将 Transfer Family 服务器指向 S3 存储桶。将所有文件从 SFTP 服务器同步到 S3 存储桶。
B. Disassociate the Elastic IP address from the EC2 instance. Create an Amazon S3 bucket to be used for SFTP file hosting. Create an AWS Transfer Family server. Configure the Transfer Family server with a VPC-hosted, internet-facing endpoint. Associate the SFTP Elastic IP address with the new endpoint. Attach the security group with customer IP addresses to the new endpoint. Point the Transfer Family server to the S3 bucket. Sync all files from the SFTP server to the S3 bucket.
中文翻译:
取消弹性 IP 地址与 EC2 实例的关联。创建用于 SFTP 文件托管的 Amazon S3 存储桶。创建 AWS Transfer Family 服务器。使用 VPC 托管、面向 Internet 的终端节点配置 Transfer Family 服务器。将 SFTP 弹性 IP 地址与新端点关联。将具有客户 IP 地址的安全组附加到新端点。将 Transfer Family 服务器指向 S3 存储桶。将所有文件从 SFTP 服务器同步到 S3 存储桶。
C. Disassociate the Elastic IP address from the EC2 instance. Create a new Amazon Elastic File System (Amazon EFS) file system to be used for SFTP file hosting. Create an AWS Fargate task definition to run an SFTP server. Specify the EFS file system as a mount in the task definition. Create a Fargate service by using the task definition, and place a Network Load Balancer (NLB) in front of the service. When configuring the service, attach the security group with customer IP addresses to the tasks that run the SFTP server. Associate the Elastic IP address with the NLB. Sync all files from the SFTP server to the S3 bucket.
中文翻译:
取消弹性 IP 地址与 EC2 实例的关联。创建一个新的 Amazon Elastic File System (Amazon EFS) 文件系统以用于 SFTP 文件托管。创建 AWS Fargate 任务定义以运行 SFTP 服务器。在任务定义中指定 EFS 文件系统作为挂载。使用任务定义创建 Fargate 服务,并将网络负载均衡器 (NLB) 放置在该服务前面。配置服务时,将具有客户 IP 地址的安全组附加到运行 SFTP 服务器的任务。将弹性 IP 地址与 NLB 关联。将所有文件从 SFTP 服务器同步到 S3 存储桶。
D. Disassociate the Elastic IP address from the EC2 instance. Create a multi-attach Amazon Elastic Block Store (Amazon EBS) volume to be used for SFTP file hosting. Create a Network Load Balancer (NLB) with the Elastic IP address attached. Create an Auto Scaling group with EC2 instances that run an SFTP server. Define in the Auto Scaling group that instances that are launched should attach the new multi-attach EBS volume. Configure the Auto Scaling group to automatically add instances behind the NLB. Configure the Auto Scaling group to use the security group that allows customer IP addresses for the EC2 instances that the Auto Scaling group launches. Sync all files from the SFTP server to the new multi-attach EBS volume.
中文翻译:
取消弹性 IP 地址与 EC2 实例的关联。创建用于 SFTP 文件托管的多附加 Amazon Elastic Block Store (Amazon EBS) 卷。创建附加弹性 IP 地址的网络负载均衡器 (NLB)。使用运行 SFTP 服务器的 EC2 实例创建 Auto Scaling 组。在 Auto Scaling 组中定义启动的实例应附加新的多附加 EBS 卷。配置 Auto Scaling 组以自动在 NLB 后面添加实例。配置 Auto Scaling 组以使用允许 Auto Scaling 组启动的 EC2 实例的客户 IP 地址的安全组。将 SFTP 服务器中的所有文件同步到新的多附加 EBS 卷。
答案
B
解析
正确答案:B 解析: 本题应选择 B。 正确选项: B. 取消弹性 IP 地址与 EC2 实例的关联。创建用于 SFTP 文件托管的 Amazon S3 存储桶。创建 AWS Transfer Family 服务器。使用 VPC 托管、面向 Internet 的终端节点配置 Transfer Family 服务器。将 SFTP 弹性 IP 地址与新端点关联。将具有客户 IP 地址的安全组附加到新端点。将 Transfer Family ...