How should the company accomplish this?

By:
In: SAA-C02
Tagged:
With: 1 Comment
A company has an application running on Amazon EC2 instances in a private subnet.The application needs to store and retrieve data in Amazon S3.To reduce costs, the company wants to configure its AWS resources in a cost-effective manner.

How should the company accomplish this?

Deploy a NAT gateway to access the S3 buckets.

Deploy AWS Storage Gateway to access the S3 buckets.

Deploy an S3 gateway endpoint to access the S3 buckets.

Deploy an S3 interface endpoint to access the S3 buckets.

Explanations:

A NAT gateway allows instances in a private subnet to initiate outbound traffic to the internet but does not provide direct access to S3. Using a NAT gateway incurs additional costs for both the gateway and data transfer charges, which the company wants to avoid.

AWS Storage Gateway is primarily used for hybrid cloud storage solutions and caching data between on-premises environments and AWS. It is not necessary for direct S3 access from EC2 instances in a private subnet and can lead to additional complexity and costs.

An S3 gateway endpoint allows EC2 instances in a private subnet to access S3 buckets directly without needing an internet gateway or NAT device. This method is cost-effective as it incurs no data transfer charges to access S3 from the VPC and provides enhanced security.

An S3 interface endpoint is used for VPC endpoints to access S3 over the AWS network using private IP addresses. However, for S3 access, a gateway endpoint is more appropriate, and an interface endpoint incurs additional costs for data processing.

2025-10-12

1 Comment

  1. Heather
    Author

    To the best of my knowledge, the answer is:
    Deploy an S3 gateway endpoint to access the S3 buckets.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 × three =