AWS Solutions Architect Associate exam topics, tips & practice exams
The AWS Certified Solutions Architect Associate certification exam, exam code SAA-C03, validates your ability to design secure, resilient, high-performing, and cost-optimized architectures on AWS using the AWS Well-Architected Framework.
It confirms that you can select appropriate services for current requirements while planning for growth and that you can review existing solutions and recommend improvements. The target audience for this AWS Certification exam typically has at least one year of hands-on experience designing solutions that use AWS services.
Exam basics
This exam includes multiple choice and multiple response questions. Your result appears as a scaled score between 100 and 1000 and the minimum passing score is 720.
The scoring model is compensatory which means you pass based on your overall performance rather than on each section individually.
The exam contains 50 scored questions and 15 unscored items that AWS uses to evaluate future content.
If you plan to continue to the advanced track you can compare this exam to the AWS Professional exams and related specialties such as the AWS ML Specialty and the AWS AI Practitioner.
Content domains and weights
If you completed fundamentals in the AWS Cloud Practitioner exam topics you will recognize the foundation but this exam goes deeper into architecture. The SAA-C03 exam is organized into four domains. Design secure architectures accounts for 30 percent. Design resilient architectures accounts for 26 percent. Design high-performing architectures accounts for 24 percent. Design cost-optimized architectures accounts for 20 percent. Security patterns align with concepts covered in AWS Security and many design choices appear across AWS Developer, AWS DevOps, and AWS Data Engineer learning paths.
Domain 1: design secure architectures
Secure access to AWS resources
You should design account and identity structures that use IAM users, groups, roles, and policies with least privilege and that support federation with AWS IAM Identity Center and AWS STS. In multi account environments you should plan for service control policies and onboarding through AWS Control Tower.
Secure workloads and applications
You should segment networks with VPC subnets, route tables, security groups, and network ACLs and protect applications with AWS WAF and AWS Shield. You should integrate Amazon Cognito for auth flows and AWS Secrets Manager for credential storage and secure connectivity with AWS VPN and AWS Direct Connect using private access where possible.
Data protection and governance
You should encrypt data at rest with AWS KMS and in transit with ACM using TLS and you should manage key policies and rotation. You should define lifecycle and retention policies and implement backups and replication to meet governance requirements and compliance expectations.
Domain 2: design resilient architectures
Scalable and loosely coupled patterns
You should design microservices and event driven systems using Amazon SQS, Amazon SNS, Amazon API Gateway, and AWS Step Functions. You should apply serverless and container patterns with AWS Lambda, AWS Fargate, Amazon ECS, and Amazon EKS and use caching where it improves performance and reliability.
High availability and fault tolerance
You should use multi AZ and multi Region strategies with Elastic Load Balancing and Amazon Route 53. You should select disaster recovery approaches such as backup and restore, pilot light, warm standby, or active active and define RPO and RTO. You should remove single points of failure and improve reliability with services like Amazon RDS Proxy and observability with AWS X-Ray and Amazon CloudWatch.
Domain 3: design high-performing architectures
Storage performance and scale
You should choose storage types and configurations that meet performance needs using Amazon S3, Amazon EFS, and Amazon EBS and you should plan for growth and access patterns across object, file, and block.
Compute elasticity and containers
You should decouple components so they scale independently and apply Auto Scaling policies for EC2 and containers. You should select EC2 instance families and sizes that match workloads and tune Lambda memory and concurrency. You should use containers on ECS or EKS when portability and orchestration are required.
Database performance
You should select engines and types that match workloads across Amazon RDS and Amazon Aurora for relational needs and Amazon DynamoDB for non relational at scale. You should plan capacity units and Provisioned IOPS, add read replicas, use proxies, and integrate caching with Amazon ElastiCache.
Network performance
You should design VPC topologies, select the right load balancer, and use edge services such as Amazon CloudFront and AWS Global Accelerator. You should choose connectivity options such as AWS VPN, AWS Direct Connect, and AWS PrivateLink based on latency, security, and cost.
Data ingestion and transformation
You should design pipelines with Amazon Kinesis, AWS Glue, and Amazon EMR. You should secure ingestion points, size for throughput, transform formats such as CSV to Parquet, and visualize with Amazon Athena and Amazon QuickSight.
Domain 4: design cost-optimized architectures
Storage cost optimization
You should select the most cost effective storage service and tier, apply S3 lifecycle policies, plan backups, and use hybrid options such as AWS DataSync, AWS Transfer Family, and AWS Storage Gateway when needed.
Compute cost optimization
You should right size instances, pick purchase options such as Savings Plans, Reserved Instances, and Spot, and improve utilization with containers, serverless, and Auto Scaling. You should align availability targets to workload criticality and consider options like hibernation where useful.
Database cost optimization
You should choose engines and types that reduce spend while meeting requirements, plan capacity and retention, apply caching effectively, and understand migration paths.
Network cost optimization
You should design NAT patterns that minimize egress costs, use VPC endpoints where appropriate, choose the right mix of Direct Connect and VPN, and apply edge caching to limit data transfer fees.
Related paths and comparisons
If you are mapping a broader certification journey you can start with the Cloud Practitioner and then progress to Solutions Architect Associate followed by the Solutions Architect Professional. You can also specialize in Security, DevOps, Developer, Data Engineer, Machine Learning, or the AI Practitioner.
If you also work in multi cloud environments you can explore GCP certifications such as Associate Cloud Engineer, Professional Cloud Architect, Professional Cloud Developer, Professional DevOps Engineer, Professional Cloud Security Engineer, Professional Cloud Network Engineer, Professional Data Engineer, Professional Database Engineer, Workspace Administrator, Data Practitioner, ML Engineer, and Generative AI Leader.
How to prepare
Begin with the official guide and map each task statement to hands on practice. You can use reputable courses and practice tests and many candidates like to combine a structured track with practical question banks such as this Udemy practice exam collection to build test stamina.
Build small labs that exercise VPC design, identity and federation, load balancing, Auto Scaling, and database selection. Use communities and curated study hubs like Scrumtuous and technical blogs for tips on study habits and exam mindset. If you prefer a Scrum angle for study cadence and backlog planning you can borrow patterns from the Scrum Master and Product Owner journeys to structure sprints for your certification goals.
Out of scope tasks
You are not expected to master specialized or unrelated services and you do not need knowledge of other clouds such as the Google Cloud Platform to pass this exam. The assessment focuses on AWS architectural concepts, best practices, and service selection that aligns with the role.
Study hard, get lots of practice, and good luck on your AWS solutions architect certification exam!
Cameron McKenzie is an AWS Certified AI Practitioner, Machine Learning Engineer, Solutions Architect and author of many popular books in the software development and Cloud Computing space. His growing YouTube channel training devs in Java, Spring, AI and ML has well over 30,000 subscribers.
Next Steps
The AWS Solutions Architect Book of Exam Questions by Cameron McKenzie
So what’s next?
A great way to secure your employment or even open the door to new opportunities is to get certified.
If you’re interested in AWS products, here are a few great resources to help you get Cloud Practitioner, Solution Architect, Machine Learning and DevOps certified from AWS:
- AWS Certified Cloud Practitioner Book of Exam Questions
- AWS Certified Developer Associate Book of Exam Questions
- AWS Certified AI Practitioner Book of Exam Questions & Answers
- AWS Certified Machine Learning Associate Book of Exam Questions
- AWS Certified DevOps Professional Book of Exam Questions
- AWS Certified Data Engineer Associate Book of Exam Questions
- AWS Certified Solutions Architect Associate Book of Exam Questions
Put your career on overdrive and get AWS certified today!