For secure migration of data from an on-premises data center to AWS without using the public internet, AWS Direct Connect is the most secure and reliable method. Using Secrets Manager to store service account credentials ensures that the credentials are managed securely with automatic rotation.
AWS Direct Connect:
Direct Connect establishes a dedicated, private connection between the on-premises data center and AWS, avoiding the public internet. This is ideal for secure, high-speed data transfers.
Reference: AWS Direct Connect
AWS Secrets Manager:
Secrets Manager securely stores and rotates service account credentials, reducing operational overhead while ensuring security.
Reference: AWS Secrets Manager
Alternatives Considered:
A (ECS with security groups): This does not address the need for a secure, private connection from the on-premises data center.
C (Public subnet with presigned URLs): This involves using the public internet, which does not meet the requirement.
D (Direct Connect with presigned URLs): While Direct Connect is correct, presigned URLs with short expiration dates are unnecessary for this use case.
References:
AWS Direct Connect Documentation
AWS Secrets Manager Documentation