How to Pass the AWS Solutions Architect (SAA-C03) Exam: Complete Study Guide
Everything you need to know to pass the AWS Solutions Architect Associate exam. Domain breakdown, study resources, practice strategies, and tips from people who passed.
How to Pass the AWS Solutions Architect (SAA-C03) Exam: Complete Study Guide
The AWS Solutions Architect Associate (SAA-C03) exam is one of the most sought-after cloud certifications in the industry. It validates your ability to design secure, resilient, high-performing, and cost-optimized architectures on Amazon Web Services. Whether you're pivoting into cloud engineering, preparing for a solutions architect role, or validating hands-on AWS experience, this AWS certification study guide will walk you through everything you need to pass.
What Is the SAA-C03 Exam?
The SAA-C03 is the current version of the AWS Solutions Architect Associate exam. It tests your ability to make architectural decisions based on AWS customer requirements and best practices. The exam consists of 65 multiple-choice and multiple-response questions with a 130-minute time limit. The passing score is 720 out of 1000.
This exam is designed for individuals who have at least one year of hands-on experience designing scalable, fault-tolerant, and cost-effective systems on AWS. You don't need to be a developer or sysadmin — but you should be comfortable reading architecture diagrams, evaluating tradeoffs between AWS services, and applying the AWS Well-Architected Framework.
The 4 Exam Domains (With Weightings)
The exam is organized into four domains. Understanding these weightings helps you prioritize your study time effectively.
1. Design Secure Architectures — 30%
This is the heaviest-weighted domain, so invest serious time here. You need to know:
- IAM — users, groups, roles, policies, trust relationships, and the difference between resource-based and identity-based policies
- Shared Responsibility Model — what AWS secures vs. what you secure
- Security groups vs. NACLs — stateful vs. stateless, when to use each
- Encryption at rest and in transit — KMS, CloudHSM, ACM, TLS termination
- AWS WAF, Shield, and GuardDuty — protecting against common attack patterns
Key trap: Exam questions often test whether you understand that security groups are stateful (return traffic is automatically allowed) while NACLs are stateless (both inbound and outbound rules must be explicitly configured). Mixing these up is one of the most common mistakes.
2. Design Resilient Architectures — 26%
This domain focuses on availability, disaster recovery, and fault tolerance:
- Multi-AZ vs. Multi-Region architectures
- RDS Multi-AZ and Read Replicas — when to use each
- S3 Cross-Region Replication (CRR) and Same-Region Replication (SRR)
- Route 53 routing policies — failover, weighted, latency, geolocation, geoproximity
- ELB types — Application Load Balancer vs. Network Load Balancer vs. Gateway Load Balancer
- Disaster Recovery strategies — Backup & Restore, Pilot Light, Warm Standby, Multi-Site Active/Active
Key trap: AWS expects you to know the RPO and RTO implications of each DR strategy. A common question gives you business requirements (e.g., "RTO of 15 minutes, RPO of 1 minute") and asks which DR approach and services meet those constraints. Backup & Restore has the highest RTO/RPO while Multi-Site Active/Active has the lowest.
3. Design High-Performing Architectures — 24%
This domain tests your ability to select appropriate compute, storage, database, and networking services to meet performance requirements:
- EC2 instance families — general purpose, compute optimized, memory optimized, accelerated computing, storage optimized
- S3 performance — multipart upload, CloudFront caching, S3 Transfer Acceleration
- RDS and Aurora — read replicas, Aurora auto-scaling, provisioned IOPS vs. burstable
- ElastiCache — Memcached vs. Redis, cache strategies (lazy loading, write-through, TTL)
- CloudFront and Global Accelerator — edge caching vs. anycast IP routing
- Lambda — concurrency limits, reserved concurrency, provisioned concurrency, cold starts
Key trap: Questions often ask you to choose between CloudFront and Global Accelerator. CloudFront is for content caching at the edge (static/dynamic content acceleration). Global Accelerator uses AWS's global network to route TCP/UDP traffic to the optimal endpoint — it doesn't cache content but reduces latency for non-cacheable workloads.
4. Design Cost-Optimized Architectures — 20%
The smallest but trickiest domain. AWS wants to know you can save money without sacrificing performance:
- Compute pricing models — On-Demand, Reserved Instances, Savings Plans, Spot Instances
- S3 storage classes — S3 Standard, Intelligent-Tiering, Glacier Instant Retrieval, Glacier Flexible Retrieval, Glacier Deep Archive
- RDS pricing — reserved DB instances, Aurora serverless, appropriate instance sizing
- Auto Scaling — dynamic scaling, scheduled scaling, predictive scaling
- AWS Cost Explorer, Trusted Advisor, Budgets
Key trap: The exam loves questions where the cheapest option is also the wrong option because it doesn't meet a non-functional requirement. Always read the full question — if they need sub-millisecond latency, S3 is cheaper than ElastiCache but won't work. If they need millisecond retrieval of archived data, Glacier Instant Retrieval fits even though Glacier Deep Archive is cheaper.
Key Services You Must Know In Depth
While AWS offers over 200 services, the SAA-C03 focuses on a core set. Know these services inside and out — not just what they do, but how they interact and the tradeoffs between them.
| Service | What to Know |
|---|---|
| S3 | Storage classes, lifecycle policies, versioning, replication, presigned URLs, bucket policies vs. ACLs, encryption options,Static Website Hosting, S3 Select, object lock |
| EC2 | Instance families, user data, security groups, EBS volume types (gp3, io2, st1, sc1), placement groups, ENI, instance metadata, AMIs |
| VPC | Subnets (public/private), route tables, Internet Gateway, NAT Gateway/Instance, VPC Peering, Transit Gateway, VPC Endpoints (Gateway vs. Interface), Security Groups vs. NACLs, Flow Logs |
| RDS | Multi-AZ, Read Replicas, Aurora, RDS Proxy, backup/restore, encryption, parameter groups, option groups |
| Lambda | Triggers (S3, DynamoDB Streams, SQS, API Gateway), concurrency, timeout, environment variables, layers, VPC integration |
| CloudFront | Origins, behaviors, TTL, invalidations, Lambda@Edge, CloudFront Functions, signed URLs/cookies, WAF integration, Origin Shield |
| Route 53 | Hosted zones, record types, routing policies (7 types), health checks, failover, alias records |
| IAM | Policies (managed vs. inline), roles vs. users, trust policies, service-linked roles, permission boundaries, SCPs |
Recommended Study Approach: 8–12 Weeks
Most successful candidates study for 8 to 12 weeks at 2–3 hours per day. Here's a week-by-week roadmap:
Weeks 1–2: Foundation
- Complete AWS Cloud Practitioner Essentials (free on AWS Skill Builder)
- Read through the AWS Well-Architected Framework whitepaper
- Set up a free AWS account and get hands-on with the console
Weeks 3–5: Core Services Deep Dive
- Study EC2, S3, VPC, and IAM in detail — these are the foundation of almost every question
- Build small projects: a three-tier web app, a serverless API, a static site on S3 + CloudFront
- Watch Adrian Cantrill's SAA-C03 course or read through the official AWS documentation
Weeks 6–8: Advanced Topics and Practice Tests
- Cover databases (RDS, Aurora, DynamoDB, ElastiCache)
- Study migration (AWS DMS, Snowball, DataSync), monitoring (CloudWatch, CloudTrail, Config), and automation (CloudFormation, Elastic Beanstalk)
- Start taking AWS Solutions Architect practice test questions. Use Certeli's SAA-C03 exam questions for real exam-style practice
Weeks 9–12: Review and Exam Readiness
- Review weak areas identified by your practice tests
- Take full-length timed mock exams under exam conditions
- Use spaced repetition — re-test on questions you got wrong 24 hours, 3 days, and 7 days later
- Review the AWS re:Invent YouTube sessions for any new services or updates
Common Question Trap Types
The SAA-C03 is known for tricky questions designed to test whether you truly understand AWS concepts or just memorized service features. Watch out for these:
Multi-VPC Scenarios
Questions will describe an organization with VPCs in multiple accounts and ask how to connect them. Transit Gateway is almost always the right answer for hub-and-spoke. VPC Peering doesn't support transitive routing, so connecting 5 VPCs with peering requires a mesh (n(n-1)/2 connections).
Cost Optimization Tradeoffs
The cheapest answer is rarely the best answer. A question might offer Reserved Instances as the cheapest compute option, but if the workload is fault-tolerant, Spot Instances + Savings Plans might be cheaper and more appropriate. Always read the full scenario.
Disaster Recovery Strategy Selection
A common pattern: "Company X needs to recover a critical application in another region with RTO < 1 hour and RPO < 15 minutes. Current cost is the primary constraint." Pilot Light is the most common correct answer for moderate cost with reasonable RTO/RPO. Warm Standby if they need faster recovery. Multi-Site Active/Active if they need near-zero RTO/RPO but can afford the cost.
Storage Class Selection
Questions about infrequently accessed data will offer multiple S3 storage classes. The trick is matching retrieval time requirements with the right class. If they need instant access, Glacier Instant Retrieval. If they can wait minutes, S3 Standard-IA or S3 One Zone-IA. If hours is fine, Glacier Flexible Retrieval.
Multi-AZ vs. Read Replicas
Multi-AZ is for high availability and disaster recovery (automatic failover). Read Replicas are for read scaling and performance (offloading read traffic). The exam loves asking which to use when. If they need the database to survive an AZ failure, pick Multi-AZ. If they need to reduce load on the primary, pick Read Replicas.
Why Mock Exams Matter
There's a reason every successful candidate emphasizes practice tests. The SAA-C03 doesn't just test your AWS knowledge — it tests your ability to eliminate wrong answers under time pressure. Here's what makes mock exams essential:
- Question pattern recognition: After 300–500 practice questions, you'll start seeing the same architectural patterns and anti-patterns
- Time management: The 130-minute timer is real. Full-length mocks train you to average about 2 minutes per question
- Identifying weak domains: If you're scoring 85% on Design Resilient Architectures but only 60% on Design Cost-Optimized Architectures, you know exactly where to focus
- Building confidence: Walking into the exam knowing you've already passed multiple full-length mocks at 80%+ completely changes your mindset
Try our SAA-C03 exam questions at certeli.com/exam/aws-saa-c03 for realistic practice that mirrors the actual exam format, difficulty, and domain distribution.
Spaced Repetition Strategy
Spaced repetition is scientifically proven to improve long-term retention. Here's how to apply it to your AWS certification study guide:
- Day 1: Study a domain and take notes
- Day 2: Take a 10-question quiz on that domain
- Day 3: Quick review of wrong answers from Day 2
- Day 7: Full topic quiz on the domain
- Day 14: Mixed quiz combining this domain with others
- Day 30: Cumulative review from all your wrong-answer log
Tools like Anki work well, but nothing beats taking full-length SAA-C03 exam questions with explanations — the explanations themselves reinforce the concepts in context.
Additional Resources
- AWS Skill Builder — Official AWS digital training, including the Exam Readiness course
- AWS Well-Architected Framework Whitepaper — Must-read for understanding the design principles
- AWS re:Invent Sessions on YouTube — Deep dives into specific services
- AWS Documentation FAQs — The S3, VPC, and RDS FAQ pages are gold mines for exam-relevant details
- AWS Free Tier — Hands-on experience is irreplaceable
Final Tips
- Read each question twice — the exam embeds critical constraints in the middle of paragraphs. A single word like "cached" or "archive" or "globally" can change the answer
- Eliminate first, then choose — cross out obviously wrong answers before evaluating remaining options
- Don't overthink — the simplest solution that meets all stated requirements is usually correct
- Flag and move on — if you're stuck after 90 seconds, flag the question and come back
- Use the review feature — AWS lets you review answers at the end. Use all 130 minutes
- Schedule the exam — having a fixed date creates accountability. The SAA-C03 is available at PSI and Pearson Vue test centers (or online proctored)
Ready to test your knowledge? Start practicing with real SAA-C03 exam questions and AWS Solutions Architect practice test questions at certeli.com/exam/aws-saa-c03. Our platform simulates the actual exam environment with detailed explanations for every answer — so you learn as you practice.
Good luck with your AWS Solutions Architect journey!
Ready to test your knowledge?
Practice with 32,000+ realistic exam questions. Start free, no credit card required.
Try Free Practice Questions