AWS Certification Exam Mapping
This page maps the 20 bootcamp modules to the four domains of the AWS Certified Solutions Architect – Associate (SAA-C03) exam.
Exam Overview
| Aspect | Details |
|---|---|
| Exam code | SAA-C03 |
| Format | Multiple choice and multiple response |
| Questions | 65 (50 scored + 15 unscored) |
| Duration | 130 minutes |
| Passing score | 720 out of 1,000 |
| Cost | $150 USD |
| Validity | 3 years |
Domain Weights
| Domain | Weight | Focus |
|---|---|---|
| Domain 1: Design Secure Architectures | 30% | IAM, encryption, VPC security, data protection, compliance |
| Domain 2: Design Resilient Architectures | 26% | Multi-AZ, disaster recovery, decoupling, Auto Scaling, replication |
| Domain 3: Design High-Performing Architectures | 24% | Compute selection, storage optimization, database choice, caching, networking |
| Domain 4: Design Cost-Optimized Architectures | 20% | Pricing models, storage classes, right-sizing, cost management tools |
Module-to-Domain Mapping
Domain 1: Design Secure Architectures (30%)
This is the highest-weighted domain. It tests your ability to design secure access, secure application tiers, and appropriate data security controls.
| Module | Topics Covered for This Domain |
|---|---|
| 02, IAM and Security | IAM users, groups, roles, policies, policy evaluation logic, MFA, least privilege |
| 03, Networking Basics | VPC, security groups, NACLs, public vs. private subnets, route tables |
| 05, Storage: S3 | S3 bucket policies, ACLs, encryption (SSE-S3, SSE-KMS, SSE-C), access points |
| 06, Databases | RDS encryption at rest, DynamoDB encryption, IAM database authentication |
| 13, Security in Depth | KMS, Secrets Manager, WAF, Shield, CloudTrail, GuardDuty, Config, Security Hub |
| 17, Well-Architected Framework | Security pillar design principles |
Domain 2: Design Resilient Architectures (26%)
This domain tests your ability to design multi-tier architectures, highly available systems, and decoupled architectures.
| Module | Topics Covered for This Domain |
|---|---|
| 03, Networking Basics | Multi-AZ VPC design, NAT gateways, redundant networking |
| 04, Compute: EC2 | Auto Scaling groups, launch templates, health checks, placement groups |
| 06, Databases | RDS Multi-AZ, read replicas, Aurora, DynamoDB global tables |
| 07, Load Balancing and DNS | ALB/NLB, target groups, health checks, Route 53 routing policies, failover |
| 08, Messaging and Integration | SQS, SNS, EventBridge, decoupling patterns, dead-letter queues |
| 16, Reliability and DR | RTO/RPO, backup and restore, pilot light, warm standby, active-active |
| 17, Well-Architected Framework | Reliability pillar design principles |
Domain 3: Design High-Performing Architectures (24%)
This domain tests your ability to select the right compute, storage, database, and networking solutions for a workload.
| Module | Topics Covered for This Domain |
|---|---|
| 04, Compute: EC2 | Instance types, EBS volume types, instance store, placement groups |
| 05, Storage: S3 | Storage classes, S3 Transfer Acceleration, multipart upload |
| 06, Databases | RDS vs. DynamoDB selection, read replicas for read scaling, DAX, ElastiCache |
| 07, Load Balancing and DNS | ALB vs. NLB selection, CloudFront, Route 53 latency-based routing |
| 09, Serverless: Lambda | Lambda concurrency, cold starts, provisioned concurrency, API Gateway caching |
| 10, Containers: ECS | Fargate vs. EC2 launch type, ECS service auto scaling |
| 18, Architecture Patterns | Microservices, event-driven, CQRS, caching patterns |
| 19, Advanced Topics | CloudFront, ElastiCache, Step Functions, Athena |
Domain 4: Design Cost-Optimized Architectures (20%)
This domain tests your ability to select cost-effective compute, storage, and database services.
| Module | Topics Covered for This Domain |
|---|---|
| 04, Compute: EC2 | On-Demand, Reserved Instances, Savings Plans, Spot Instances |
| 05, Storage: S3 | Storage class tiers, lifecycle policies, Intelligent-Tiering |
| 09, Serverless: Lambda | Pay-per-invocation pricing, right-sizing memory |
| 10, Containers: ECS | Fargate pricing vs. EC2, Spot for ECS |
| 15, Cost Optimization | Cost Explorer, Budgets, Compute Optimizer, right-sizing, tagging strategies |
| 17, Well-Architected Framework | Cost Optimization pillar design principles |
Preparation Tips
-
Focus on Domain 1 first. At 30%, security is the highest-weighted domain. Make sure you deeply understand IAM policies, encryption with KMS, VPC security groups vs. NACLs, and the Shared Responsibility Model.
-
Practice scenario-based questions. The exam presents real-world scenarios and asks you to choose the best architecture. The phase exams in this bootcamp use a similar format.
-
Know the "why," not just the "what." The exam tests whether you can select the right service for a given set of requirements, not whether you can recite service features.
-
Use official practice questions. AWS offers a free official practice question set for SAA-C03 on AWS Skill Builder.
-
Review the Well-Architected Framework. Module 17 covers this in depth. The exam frequently asks you to evaluate architectures against the six pillars.
Additional Certification Resources
- AWS Certified Solutions Architect – Associate, Official certification page
- SAA-C03 Exam Guide, Official exam guide PDF with detailed domain descriptions
- AWS Skill Builder, Free digital courses, learning plans, and exam prep
- AWS Well-Architected Framework, Essential reading for all four domains
AWS Bootcamp: From Novice to Architect Author: Samuel Ogunti License: CC BY-NC 4.0