Passed Exam Today SAA-C03

The correct answer isAbecause the legacy mainframe requires asynchronous RESTful APIand the new service takes approximately3 minutesto complete each request. Among the choices,Amazon API Gateway REST APIis the appropriate option for exposing a synchronous REST endpoint to the mainframe. API Gateway REST APIs support longer integration timeouts than HTTP APIs, which makes them more suitable for workloads that take an extended time to process. The REST API can invoke an AWS Lambda function to execute the stock price calculation and return the result synchronously.

Option B is incorrect becauseAPI Gateway HTTP APIshave a shorter integration timeout and are not the best fit for a request that takes around 3 minutes. Option C is incorrect becauseWebSocket APIsare not RESTful and do not meet the requirement for synchronous REST-based integration with the mainframe. Option D is incorrect becauseLambda function URLsdo not provide the same API management features and are not the best choice for a long-running synchronous enterprise integration requirement of this kind.

AWS design guidance favors API Gateway when exposing managed APIs to external consumers. In this case, theREST APIoption best matches the requirement for synchronous RESTful access while supporting the longer processing duration. It also provides a managed front door for authentication, throttling, and operational control if the company needs those features later.

One note of honesty: some exam versions treat the REST API timeout detail as the deciding factor here. That is the key reasonREST APIis preferred overHTTP APIfor this question.

Detailed Explanation:

A. ECS + API Gateway:Overly complex and costly for an on-demand, intermittent workload.

B. EventBridge + SNS:EventBridge schedules are unnecessary for on-demand generation.

C. EKS + API Gateway:Overkill for this use case, with high operational overhead.

D. Lambda + SES:Most cost-effective and efficient solution for generating and emailing reports on demand.

The requirement is to restrict actions by Region to prevent accidental cross-Region operations that could violate data residency rules. The most direct and flexible way to enforce Region-based restrictions in AWS is to use IAM condition keys, specifically aws:RequestedRegion, in identity-based policies (and commonly in permission boundaries or SCPs when managing an organization).

Option B is correct because it applies Region constraints at authorization time. By adding conditions that allow actions only when aws:RequestedRegion matches an approved list (or denies when it matches disallowed Regions), the company can prevent users and roles from creating, modifying, or accessing resources in the wrong Region. This approach is broad and can be applied across many services, not just EC2, making it suitable for enforcing data residency boundaries across a multi-Region footprint.

Option A is too narrow because it restricts only ec2:RunInstances. Data residency concerns typically apply to many services (S3, RDS, DynamoDB, KMS, etc.), and limiting only EC2 does not prevent accidental data operations elsewhere. Option C controls where requests come from (source IP), not which Region is targeted. Option D (AWS Config) is detective, not preventative; it can alert after noncompliant actions occur, which does not meet the requirement to prevent accidental operations.

Therefore, B best meets the requirement by enforcing Region-level guardrails through IAM authorization conditions, helping ensure workloads remain within approved geographic boundaries.

This solution leverages:

Amazon Redshift Spectrum to query S3 data directly from Redshift.

Amazon Athena for ad-hoc analysis of S3 data.

Amazon QuickSight for unified visualization from multiple data sources.

“Redshift Spectrum enables you to run queries against exabytes of data in Amazon S3 without having to load or transform the data.”

“QuickSight supports both Amazon Redshift and Amazon Athena as data sources.”

— Redshift Spectrum

— Amazon QuickSight Supported Data Sources

This architecture allows scalable querying and visualization with minimum ETL overhead, ideal for BI dashboards.

Incorrect Options:

A: The query editor is not a BI tool.

B, D: Grafana is better for time-series data, not structured analytics or BI reports.