What AWS architecture would you recommend?

A web design company currently runs several FTP servers that their 250 customers use to upload
and download large graphic files. They wish to move this system to AWS to make it more
scalable, but they wish to maintain customer privacy and keep costs to a minimum.
What AWS architecture would you recommend?

A.
Ask their customers to use an S3 client instead of an FTP client. Create a single S3 bucket.
Create an IAM User for each customer.
Put the IAM Users in a Group that has an IAM policy that permits access to sub-directories within
the bucket via use of the ‘username’ Policy Variable.

B.
Create a single S3 bucket with Requester Pays turned on and ask their customers to use an S3
client instead of an FTP client.
Create a bucket for each customer with a Bucket Policy that permits access only to that one
customer.

C.
Create a single S3 bucket with Reduced Redundancy Storage turned on and ask their customers
to use an S3 client instead of an FTP client.
Create a bucket for each customer with a Bucket Policy that permits access only to that one
customer.

D.
Create an auto-scaling group of FTP servers with a scaling policy to automatically scale-in when
minimum network traffic on the auto-scaling group is below a given threshold.
Load a central list of FTP users from S3 as part of the User Data startup script on each instance.

Explanation:
https://aws.amazon.com/blogs/security/writing-iam-policies-grant-access-to-user-specific-folders-in-an-amazon-s3-bucket/
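
The group policy described in option A, as an added example (not taken from the original page or the linked AWS post): one policy attached to the group scopes every IAM user to their own prefix through the `${aws:username}` policy variable. The bucket name, the `home/` prefix and the `is_allowed` helper are assumptions; `is_allowed` is a simplified local stand-in for IAM evaluation, used only to show the isolation.

```python
import fnmatch
import json

BUCKET = "example-design-uploads"  # assumed bucket name (placeholder)

def build_policy(bucket=BUCKET, root="home"):
    """Group policy: each IAM user may list and read/write only root/<own username>/."""
    return {
        "Version": "2012-10-17",  # policy variables require this version
        "Statement": [
            {   # listing is limited to keys under the caller's own prefix
                "Sid": "ListOwnFolder",
                "Effect": "Allow",
                "Action": ["s3:ListBucket"],
                "Resource": [f"arn:aws:s3:::{bucket}"],
                "Condition": {"StringLike": {"s3:prefix": [f"{root}/${{aws:username}}/*"]}},
            },
            {   # object access is limited to the caller's own prefix
                "Sid": "ReadWriteOwnFolder",
                "Effect": "Allow",
                "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
                "Resource": [f"arn:aws:s3:::{bucket}/{root}/${{aws:username}}/*"],
            },
        ],
    }

def is_allowed(policy, username, action, resource, prefix=None):
    """Simplified local check (NOT the real IAM engine): Allow statements only,
    ${aws:username} substitution, glob matching on Resource and s3:prefix."""
    def sub(s):
        return s.replace("${aws:username}", username)
    for st in policy["Statement"]:
        if st["Effect"] != "Allow" or action not in st["Action"]:
            continue
        if not any(fnmatch.fnmatchcase(resource, sub(r)) for r in st["Resource"]):
            continue
        patterns = st.get("Condition", {}).get("StringLike", {}).get("s3:prefix")
        if patterns and not any(fnmatch.fnmatchcase(prefix or "", sub(p)) for p in patterns):
            continue
        return True
    return False  # nothing matched: implicit deny

if __name__ == "__main__":
    print(json.dumps(build_policy(), indent=2))
```

The trailing `/` before `*` matters: without it, a user named `alice` would also match keys under `home/alice2/`.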



Alttab

So, 250 customers have to change their client to S3….
Not really realistic to change FTP to a proprietary protocol?

D is the only realistic answer in my opinion 😉