The idea is in the name. It is a "data diode". It lets data through in one direction and the data can't go in the other. Verifiably because it doesn't have the hardware for data to go the other direction.
I don't think this property can be guaranteed for the alternatives you proposed.
The idea is that the malware could have infiltrated the system (probably) but couldn't have exfiltrated data from it.
So a data diode wouldn't stop a "stuxnet" scenairo where the malware is trying to sabotage the air-gapped. But it would prevent secret information being leaked out.
(Btw. I'm just explaining what a data diode is, and what guarantees it provides. I don't actually think that it would be useful in practice, because it feels to be too cumbersome to use it and therefore the users/IT would poke holes into the security it would provide otherwise.)
I don't think this property can be guaranteed for the alternatives you proposed.