AWS Certified Solutions Architect – Associate (SAA-C02) — Question 568

A company is creating an application that runs on containers in a VPC. The application stores and accesses data in an Amazon S3 bucket. During the development phase, the application will store and access 1 TB of data in Amazon S3 each day. The company wants to minimize costs and wants to prevent traffic from traversing the internet whenever possible.
Which solution will meet these requirements?

Answer options

• A. Enable S3 Intelligent-Tiering for the S3 bucket.
• B. Enable S3 Transfer Acceleration for the S3 bucket.
• C. Create a gateway VPC endpoint for Amazon S3. Associate this endpoint with all route tables in the VPC.
• D. Create an interface endpoint for Amazon S3 in the VPC. Associate this endpoint with all route tables in the VPC.

Correct answer: C

Explanation

A gateway VPC endpoint provides a direct, private connection to Amazon S3 from the VPC without traversing the public internet, and it incurs no hourly or data processing fees, making it the most cost-effective choice for 1 TB of daily data. In contrast, an interface VPC endpoint charges per-GB data processing fees which would be highly expensive for this volume of traffic. S3 Intelligent-Tiering and S3 Transfer Acceleration do not resolve the requirement to keep traffic off the public internet.