SFTP Server - VPC Endpoint with multiple AZ


Dear Team - I have deployed an AWS SFTP server (Transfer) in a VPC for internal HR user access. It has a VPC endpoint deployed in two different AZs in the US-West region. We are going through the DR plan for every application. Specific to the SFTP deployment, is our understanding correct that, if AZ-1 goes down, our SFTP will still be accessible from AZ-2? Or will connection requests still go to AZ-1 (down state) as part of the round-robin fashion?

As per the URL below, AWS recommends changing the VPC_ENDPOINT type to the VPC type of SFTP deployment. How will this prevent internal requests from going to an AZ which is in a down state?

Do I need an internal-facing NLB in front of the AZ endpoints?

https://aws.amazon.com/blogs/storage/update-your-aws-transfer-family-server-endpoint-type-from-vpc_endpoint-to-vpc/

1 Answer

The VPC endpoint will have a DNS name of the form vpce-abcdef12345678910-4321dcba.server.transfer.[region].vpce.amazonaws.com which will have (in your case) two values, one for the IP of the endpoint in AZ1 and the other for AZ2.

If one of the AZs becomes unavailable, the AWS Transfer managed service will ensure traffic is directed to the healthy IP address, until the other one becomes healthy again.

You shouldn't need an NLB.

More on AWS Transfer Family resilience is here: https://docs.aws.amazon.com/transfer/latest/userguide/disaster-recovery-resiliency.html

EXPERT
Steve_M
answered 7 months ago
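The answer rests on one observable fact: the endpoint hostname resolves to one address per AZ. A DR drill can verify that directly from a host inside the VPC by resolving the name and probing each returned address on TCP/22. The script below is an added example written for this thread, not code from the answerer or from AWS; the hostname in it is a constructed placeholder in the shape the answer describes, and the probe is injectable so the selection logic can be exercised without any network access.

```python
"""DR drill helper for an AWS Transfer VPC endpoint (added example, not AWS code).

Resolves the endpoint hostname to every per-AZ address and reports which of
them accept a TCP handshake on the SFTP port. Run it from inside the VPC
before and during an AZ failover test to confirm that at least one healthy
address remains and that resolution drops the unhealthy one."""
import socket
from typing import Callable, Iterable

# Hostname shape taken from the answer above; this exact value is a placeholder.
EXAMPLE_HOST = "vpce-abcdef12345678910-4321dcba.server.transfer.us-west-2.vpce.amazonaws.com"
SFTP_PORT = 22


def resolve_all(host: str, port: int = SFTP_PORT) -> list[str]:
    """Return every distinct IPv4 address the hostname currently resolves to.
    For a two-AZ endpoint this is expected to be two addresses."""
    infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    addresses: list[str] = []
    for _family, _socktype, _proto, _canonname, sockaddr in infos:
        ip = sockaddr[0]
        if ip not in addresses:
            addresses.append(ip)
    return addresses


def tcp_probe(ip: str, port: int = SFTP_PORT, timeout: float = 3.0) -> bool:
    """True if a TCP handshake to ip:port completes within the timeout.
    A completed handshake only proves the listener is reachable; the SFTP
    client's own login is still the real end-to-end check."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def pick_healthy(addresses: Iterable[str],
                 probe: Callable[[str], bool] = tcp_probe) -> dict:
    """Probe each address in the order DNS returned it and report the result.

    'first_healthy' is the address a client that walks the resolved list in
    order would end up using, which is how a failover-aware SFTP client
    tolerates a dead AZ even before DNS stops returning its address."""
    status = {ip: probe(ip) for ip in addresses}
    healthy = [ip for ip, ok in status.items() if ok]
    return {
        "status": status,
        "healthy": healthy,
        "first_healthy": healthy[0] if healthy else None,
    }


def dr_report(host: str, probe: Callable[[str], bool] = tcp_probe) -> dict:
    """Resolve the endpoint and probe every address it maps to."""
    addresses = resolve_all(host)
    report = pick_healthy(addresses, probe)
    report["resolved"] = addresses
    return report


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else EXAMPLE_HOST
    result = dr_report(target)
    print(f"resolved {target} -> {result['resolved']}")
    for ip, ok in result["status"].items():
        print(f"  {ip}: {'reachable' if ok else 'UNREACHABLE'}")
    print(f"first healthy address: {result['first_healthy']}")
    # Non-zero exit if no AZ endpoint answers, so the drill can fail loudly.
    sys.exit(0 if result["first_healthy"] else 1)
```

Running it once with both AZs up and again while one AZ is isolated shows two things worth recording in the DR runbook: how many addresses DNS returns in each state, and whether the remaining address still completes a handshake. An SFTP client that resolves the name itself and retries across every returned address behaves like pick_healthy and needs no NLB in front of the endpoint.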
