AWS Certified Solutions Architect - Associate (SAA-C03) Exam Guide

Hi there 😊

Below follows a compilation of resources I used to study and pass the exam. Hope you find it useful. To support my work, I appreciate if you can take a minute to share the post on social and tag me to acknowledge this was useful for you.

🫶 Please share it to support my work 🫶

Feel free to reach out if you have any questions or need any help during your study journey.

Happy studying!!!

Exam Overview

Level	Foundational
Length	130 minutes
Cost	150 USD (Visit Exam Pricing Page for more information)
Format	65 multiple choice or multiple response questions
Delivery Method	Pearson VUE testing center or online proctored exam.
Passing Score	700/1000
Passing Percentage	70%

For more details about the exam, how to schedule the exam and what to expect before, during and after the exam, follows the link below to the exam details page.

Exam	Link
AWS Certified Cloud Practitioner Exam	Exam Details
AWS Certified Cloud Practitioner Exam Guide	Exam Guide

Exam Content Outline

Domain 1: Design Secure Architectures

Task Statement 1: Design secure access to AWS resources.

Knowledge of:

Access controls and management across multiple accounts
- AWS Organizations: https://docs.aws.amazon.com/organizations/index.html
- Consolidated Billing and Cost Allocation: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html
AWS federated access and identity services
- AWS Identity and Access Management (IAM): https://docs.aws.amazon.com/iam/index.html
- AWS Single Sign-On (AWS SSO): https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html
AWS global infrastructure
- AWS Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/
- AWS Regional Services List: https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/
AWS security best practices
- AWS Security Best Practices: https://aws.amazon.com/whitepapers/aws-security-best-practices/
- AWS Identity and Access Management (IAM) Best Practices: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
The AWS shared responsibility model:
- [AWS Shared Responsibility Model: https://aws.amazon.com/compliance/shared-responsibility-model/

Task Statement 2: Design secure workloads and applications.

Knowledge of

Application configuration and credentials security:
- AWS Secrets Manager: https://docs.aws.amazon.com/secretsmanager/index.html
- AWS Systems Manager Parameter Store: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html
AWS service endpoints:
- AWS Service Endpoints: https://docs.aws.amazon.com/general/latest/gr/rande.html
Control ports, protocols, and network traffic on AWS:
- Security Group Rules: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
- Network Access Control Lists (ACLs): https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html
Secure application access:
- AWS Identity and Access Management (IAM): https://docs.aws.amazon.com/iam/index.html
- AWS Web Application Firewall (WAF): https://docs.aws.amazon.com/waf/index.html
Security services with appropriate use cases:
- Amazon Cognito: https://docs.aws.amazon.com/cognito/index.html
- Amazon GuardDuty: https://docs.aws.amazon.com/guardduty/index.html
- Amazon Macie: https://docs.aws.amazon.com/macie/index.html
Threat vectors external to AWS:
- AWS Shield: https://docs.aws.amazon.com/waf/latest/developerguide/ddos-overview.html
- AWS WAF: https://docs.aws.amazon.com/waf/latest/developerguide/ddos.html

Task Statement 3: Determine appropriate data security controls

Data access and governance:
- AWS Identity and Access Management (IAM): https://docs.aws.amazon.com/iam/index.html
- AWS Organizations: https://docs.aws.amazon.com/organizations/index.html
Data recovery:
- AWS Backup: https://docs.aws.amazon.com/backup/index.html
- Amazon S3 Object Lifecycle Management: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html
Data retention and classification:
- Amazon S3 Object Lock: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html
- Amazon S3 Glacier: https://docs.aws.amazon.com/amazonglacier/latest/dev/introduction.html
Encryption and appropriate key management:
- AWS Key Management Service (KMS): https://docs.aws.amazon.com/kms/index.html
- Amazon S3 Server-Side Encryption: https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html

Domain 2: Design Resilient Architectures

Task Statement 1: Design scalable and loosely coupled architectures.

API creation and management:
- Amazon API Gateway: https://docs.aws.amazon.com/apigateway/index.html
- AWS REST API: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-getting-started-with-rest-apis.html
AWS managed services with appropriate use cases:
- AWS Transfer Family: https://docs.aws.amazon.com/transfer/index.html
- Amazon Simple Queue Service (SQS): https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/welcome.html
- AWS Secrets Manager: https://docs.aws.amazon.com/secretsmanager/index.html
Caching strategies:
- Amazon ElastiCache: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.html
Design principles for microservices:
- Building Microservices on AWS: https://aws.amazon.com/getting-started/hands-on/build-modern-app-fargate-lambda-dynamodb-python/
Event-driven architectures:
- AWS Event-Driven Architecture: https://aws.amazon.com/event-driven-architecture/
Horizontal scaling and vertical scaling:
- Autoscaling in AWS: https://docs.aws.amazon.com/autoscaling/index.html
Edge accelerators (CDN):
- Amazon CloudFront: https://docs.aws.amazon.com/cloudfront/index.html
Migration of applications into containers:
- AWS Containers: https://aws.amazon.com/containers/
Load balancing concepts:
- Application Load Balancer: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html
Multi-tier architectures:
- Building Multi-Tier Applications in AWS: https://aws.amazon.com/getting-started/hands-on/build-multitier-application/
Queuing and messaging concepts:
- Amazon Simple Notification Service (SNS): https://docs.aws.amazon.com/sns/index.html
- Amazon Simple Queue Service (SQS): https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/welcome.html
Serverless technologies and patterns:
- AWS Fargate: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html
- AWS Lambda: https://docs.aws.amazon.com/lambda/index.html
Storage types with associated characteristics:
- Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html
- Amazon EBS: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html
Orchestration of containers:
- Amazon Elastic Container Service (ECS): https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html
- Amazon Elastic Kubernetes Service (EKS): https://docs.aws.amazon.com/eks/index.html
Read replicas:
- Amazon RDS Read Replicas: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html
Workflow orchestration:
- AWS Step Functions: https://docs.aws.amazon.com/step-functions/latest/dg/welcome.html

Task Statement 2: Design highly available and/or fault-tolerant architectures

AWS global infrastructure:
- AWS Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/
- AWS Regions and Availability Zones: https://aws.amazon.com/about-aws/global-infrastructure/regions_az/
AWS managed services with appropriate use cases:
- Amazon Comprehend: https://docs.aws.amazon.com/comprehend/index.html
- Amazon Polly: https://docs.aws.amazon.com/polly/index.html
Basic networking concepts:
- Amazon VPC (Virtual Private Cloud): https://docs.aws.amazon.com/vpc/index.html
- Amazon Route 53: https://docs.aws.amazon.com/route53/index.html
Disaster recovery (DR) strategies:
- AWS Disaster Recovery: https://aws.amazon.com/disaster-recovery/
- AWS Backup: https://docs.aws.amazon.com/backup/index.html
Distributed design patterns:
- Architecting for the Cloud: AWS Best Practices: https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf
Failover strategies:
- Architecting for the Cloud: AWS Best Practices: https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf
Immutable infrastructure:
- Infrastructure as Code: https://aws.amazon.com/devops/infrastructure-as-code/
Load balancing concepts:
- Application Load Balancer: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html
Proxy concepts:
- Amazon RDS Proxy: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html
Service quotas and throttling:
- AWS Service Quotas: https://docs.aws.amazon.com/servicequotas/index.html
Storage options and characteristics:
- Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html
- Amazon EBS: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html
Workload visibility:
- AWS X-Ray: https://docs.aws.amazon.com/xray/index.html

Domain 3: Design High-Performing Architectures

Task Statement 1: Determine high-performing and/or scalable storage solutions

Hybrid storage solutions to meet business requirements:
- AWS Storage Gateway: https://docs.aws.amazon.com/storagegateway/index.html
Storage services with appropriate use cases:
- Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html
- Amazon Elastic File System (EFS): https://docs.aws.amazon.com/efs/index.html
- Amazon Elastic Block Store (EBS): https://docs.aws.amazon.com/ebs/index.html
Storage types with associated characteristics:
- Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html
- Amazon EFS: https://docs.aws.amazon.com/efs/index.html
- Amazon EBS: https://docs.aws.amazon.com/ebs/index.html

Task Statement 2: Design high-performing and elastic compute solutions

AWS compute services with appropriate use cases:
- AWS Batch: https://docs.aws.amazon.com/batch/index.html
- Amazon EMR (Elastic MapReduce): https://docs.aws.amazon.com/emr/index.html
- AWS Fargate: https://aws.amazon.com/fargate/
Distributed computing concepts supported by AWS global infrastructure and edge services:
- AWS Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/
- Amazon CloudFront (Content Delivery Network): https://docs.aws.amazon.com/cloudfront/index.html
Queuing and messaging concepts:
- Amazon Simple Notification Service (SNS): https://docs.aws.amazon.com/sns/index.html
- Amazon Simple Queue Service (SQS): https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/welcome.html
Scalability capabilities with appropriate use cases:
- Amazon EC2 Auto Scaling: https://docs.aws.amazon.com/autoscaling/ec2/index.html
- AWS Auto Scaling: https://docs.aws.amazon.com/autoscaling/index.html
Serverless technologies and patterns:
- AWS Lambda: https://docs.aws.amazon.com/lambda/index.html
- AWS Fargate: https://aws.amazon.com/fargate/
The orchestration of containers:
- Amazon Elastic Container Service (ECS): https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html
- Amazon Elastic Kubernetes Service (EKS): https://docs.aws.amazon.com/eks/index.html

Task Statement 3: Determine high-performing database solutions.

AWS global infrastructure (Availability Zones, AWS Regions):
- AWS Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/
- AWS Regional Services List: https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/
Caching strategies and services (Amazon ElastiCache):
- Amazon ElastiCache: https://docs.aws.amazon.com/AmazonElastiCache/index.html
Data access patterns (read-intensive compared with write-intensive):
- Amazon DynamoDB: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html
Database capacity planning (capacity units, instance types, Provisioned IOPS):
- Amazon RDS (Relational Database Service): https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
Database connections and proxies:
- Managing Connections with Amazon RDS Proxy: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html
Database engines with appropriate use cases (heterogeneous migrations, homogeneous migrations):
- AWS Database Migration Service: https://docs.aws.amazon.com/dms/index.html
Database replication (read replicas):
- Amazon RDS Read Replicas: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html
Database types and services (serverless, relational compared with non-relational, in-memory):
- Amazon Aurora: https://aws.amazon.com/rds/aurora/
- Amazon DynamoDB: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html

Task Statement 4: Determine high-performing and/or scalable network architectures

Edge networking services with appropriate use cases:
- Amazon CloudFront: https://docs.aws.amazon.com/cloudfront/index.html
- AWS Global Accelerator: https://docs.aws.amazon.com/global-accelerator/index.html
How to design network architecture (subnet tiers, routing, IP addressing):
- Amazon Virtual Private Cloud (VPC): https://docs.aws.amazon.com/vpc/index.html
- VPC Networking: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Networking.html
Load balancing concepts:
- Application Load Balancer: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html
Network connection options:
- AWS VPN (Virtual Private Network): https://docs.aws.amazon.com/vpn/index.html
- AWS Direct Connect: https://docs.aws.amazon.com/directconnect/index.html
- AWS PrivateLink: https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-overview.html

Task Statement 5: Determine high-performing data ingestion and transformation solutions

Data analytics and visualization services with appropriate use cases:
- Amazon Athena: https://docs.aws.amazon.com/athena/index.html
- AWS Lake Formation: https://docs.aws.amazon.com/lake-formation/index.html
- Amazon QuickSight: https://docs.aws.amazon.com/quicksight/index.html
Data ingestion patterns (frequency):
- AWS DataSync: https://docs.aws.amazon.com/datasync/index.html
- AWS Storage Gateway: https://docs.aws.amazon.com/storagegateway/index.html
Data transfer services with appropriate use cases:
- AWS DataSync: https://docs.aws.amazon.com/datasync/index.html
- AWS Storage Gateway: https://docs.aws.amazon.com/storagegateway/index.html
Data transformation services with appropriate use cases:
- AWS Glue: https://docs.aws.amazon.com/glue/index.html
Secure access to ingestion access points:
- AWS Security: https://aws.amazon.com/security/
Sizes and speeds needed to meet business requirements:
- AWS Data Transfer: https://aws.amazon.com/data-transfer/
Streaming data services with appropriate use cases:
- Amazon Kinesis: https://docs.aws.amazon.com/kinesis/index.html

Domain 4: Design Cost-Optimized Architectures

Additional resources

Below follows the list of additional resources that you can use in your study.

Resource
Udemy - Ultimate AWS Certified Solutions Architect Associate SAA-C03
Udemy - AWS Certified Solutions Architect Associate Practice Exams
Pluralsight - AWS Certified Solutions Architect - Associate (SAA-C03)

Best of Luck and share your results with the community once you get certified! 😊💪

🫶 ##Please share it to support my work## 🫶

Contents