SFTP Server - VPC Endpoint with multiple AZ


Dear Team - I have deployed an AWS SFTP server (Transfer) in a VPC for internal HR user access. It has a VPC endpoint deployed in two different AZs in the US-West region. We are going through the DR plan for every application. Specific to the SFTP deployment, is our understanding correct that, if AZ-1 goes down, our SFTP will still be applicable from AZ2? Or will connection requests still go to AZ1 (down state) as part of round-robin fashion?

As per the URL below, AWS recommended changing from the VPC_ENDPOINT to the VPC type of SFTP deployment. How will this prevent internal requests from going to an AZ which is in a down state?

Do I need an internal-facing NLB in front of the AZ endpoints?

https://aws.amazon.com/blogs/storage/update-your-aws-transfer-family-server-endpoint-type-from-vpc_endpoint-to-vpc/

1 Answer

The VPC endpoint will have a DNS name of the form vpce-abcdef12345678910-4321dcba.server.transfer.[region].vpce.amazonaws.com which will have (in your case) two values, one for the IP of the endpoint in AZ1 and the other for AZ2.

If one of the AZs becomes unavailable, the AWS Transfer managed service will ensure traffic is directed to the healthy IP address, until the other one becomes healthy again.

You shouldn't need an NLB.

More on AWS Transfer Family resilience is here https://docs.aws.amazon.com/transfer/latest/userguide/disaster-recovery-resiliency.html

Expert
Steve_M
Answered 7 months ago
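For a DR runbook, the behaviour described in the answer can be checked from a client inside the VPC by probing each address behind the endpoint DNS name separately, rather than relying on whichever address a client happens to pick. The script below is an added example, not part of the original answer or of AWS tooling; it assumes SFTP listens on port 22, the endpoint name is a placeholder, and the function names are hypothetical.

```python
import socket

# Placeholder: substitute the DNS name of your own endpoint.
ENDPOINT = "vpce-EXAMPLE.server.transfer.REGION.vpce.amazonaws.com"

def resolve_ipv4(name, port=22):
    """Return the sorted IPv4 addresses the name currently resolves to."""
    try:
        infos = socket.getaddrinfo(name, port, socket.AF_INET, socket.SOCK_STREAM)
    except OSError:  # includes socket.gaierror when the name does not resolve
        return []
    return sorted({info[4][0] for info in infos})

def ssh_banner(ip, port=22, timeout=3.0):
    """Connect to one address and return its SSH identification line, or None."""
    try:
        with socket.create_connection((ip, port), timeout=timeout) as s:
            s.settimeout(timeout)
            line = s.recv(255).split(b"\n", 1)[0].strip()
    except OSError:  # refused, unreachable, or timed out
        return None
    return line.decode("ascii", "replace") if line.startswith(b"SSH-") else None

def check_endpoint(name, expected_azs=2, resolve=resolve_ipv4, probe=ssh_banner):
    """Probe every address behind the endpoint name individually."""
    ips = resolve(name)
    status = {ip: probe(ip) is not None for ip in ips}
    healthy = [ip for ip, ok in status.items() if ok]
    return {
        "addresses": status,                            # per-address result
        "all_azs_published": len(ips) >= expected_azs,  # DNS lists one IP per AZ
        "reachable": bool(healthy),                     # at least one AZ answers
        "degraded": bool(healthy) and len(healthy) < expected_azs,
    }

if __name__ == "__main__":
    import sys
    result = check_endpoint(sys.argv[1] if len(sys.argv) > 1 else ENDPOINT)
    for ip, ok in result["addresses"].items():
        print(f"{ip}: {'up' if ok else 'DOWN'}")
    if result["degraded"]:
        print("degraded: fewer healthy addresses than expected AZs")
    elif result["reachable"]:
        print("ok")
    else:
        print("unreachable")
```

Run on a schedule, a `degraded` result gives early notice that the service is down to a single AZ while SFTP clients are still connecting.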
