AWS Certified Associate SAA-C03 Amazon Web Services Study Notes

A. Amazon EFS:Provides a scalable, shared file storage solution with minimal operational overhead. It's ideal for Linux-based workloads.

B. Amazon FSx for NetApp ONTAP:More suited for workloads requiring NetApp-specific features.

C. Amazon EBS:Requires manual management of file shares, which increases operational overhead.

D. Amazon FSx for Windows File Server:Best suited for Windows SMB workloads with low operational overhead.

E. Amazon FSx for OpenZFS:Better for Linux and Unix-based workloads.

CloudFront geographic restrictions (also known as geo-blocking) allow you to allow or deny content delivery to specific countries with minimal configuration.

“You can use geo restriction, also known as geoblocking, to prevent users in specific geographic locations from accessing content that you're distributing through a CloudFront web distribution.”

— CloudFront Geo Restriction

This is the most operationally efficient approach — no code, no signed URL logic.

Incorrect Options:

A/C: Signed URLs/cookies are for individual access control, not geo-blocking.

D: OAC controls access between CloudFront and S3, not to block specific countries.

Amazon Aurora PostgreSQL with Babelfish allows Aurora to understand SQL Server T-SQL and the SQL Server wire protocol. This enables applications to continue using SQL Server drivers, minimizing code changes (Option B).

Migration of schema and data is performed using AWS Schema Conversion Tool (SCT) and AWS Database Migration Service (DMS) (Option C), which is the AWS-recommended migration pattern for heterogeneous database migrations.

AWS DMS (Option E) does not rewrite application SQL.

RDS Proxy (Option D) does not translate SQL Server protocols.

Option A requires rewriting application queries, which contradicts the “minimal changes” requirement.

Amazon S3 File Gateway (AWS Storage Gateway) exposes an on-premises NFS/SMB file share that durably stores files as S3 objects with local caching, enabling low-latency writes on-premises and asynchronous, near-real-time ingestion into Amazon S3 for analytics. It is purpose-built to “present a file interface backed by Amazon S3” and to “store files as objects in your S3 buckets,” so existing applications writing to a network share can transparently land data in S3 without custom scripts or job orchestration. Compared with scheduled transfers (e.g., end-of-day DataSync), S3 File Gateway continuously uploads new/changed files, better meeting the near-real-time requirement. Transfer Family (SFTP) would require custom polling and client changes, increasing operational burden. DataSync is excellent for bulk or periodic migrations/synchronizations but is not as seamless for continuous ingestion from a live file share. Therefore, updating the application to point to an S3 File Gateway share provides the simplest, performant path to near-real-time delivery into S3 for downstream analytics.