AWS Certified Solutions Architect – Associate (SAA-C03) — Question 823

A company runs an application on Amazon EC2 instances in a private subnet. The application needs to store and retrieve data in Amazon S3 buckets. According to regulatory requirements, the data must not travel across the public internet.

What should a solutions architect do to meet these requirements MOST cost-effectively?

Answer options

• A. Deploy a NAT gateway to access the S3 buckets.
• B. Deploy AWS Storage Gateway to access the S3 buckets.
• C. Deploy an S3 interface endpoint to access the S3 buckets.
• D. Deploy an S3 gateway endpoint to access the S3 buckets.

Correct answer: D

Explanation

An Amazon S3 gateway endpoint is the most cost-effective solution because AWS does not charge for gateway endpoints, unlike interface endpoints or NAT gateways which incur hourly and data processing fees. Both gateway and interface endpoints keep traffic within the AWS network, but the gateway endpoint satisfies the cost-effectiveness requirement perfectly. AWS Storage Gateway is unnecessary and would introduce additional infrastructure costs.