AWS Certified Solutions Architect - Associate (SAA-C03) #1 Exam Introduction — Exam Structure and Study Roadmap
If the 27-post AWS Basics track had you running infrastructure directly in the console and CLI, and Cloud Practitioner (CLF-C02) organized the big picture and vocabulary of AWS, the next step is raising that knowledge to the level of “can you design it?”. AWS certifications come in four tiers — Foundational, Associate, Professional, and Specialty — and the exam most people set as their first target is the AWS Certified Solutions Architect - Associate (SAA-C03).
This post is the starting point of the series. Before you sit down to take the exam, you need a picture in your head — what the exam asks, how it asks it, how it differs from CLF-C02, and how to prepare so you clear 720 points within 130 minutes.
What kind of certification is SAA-C03 #
SAA-C03 tests whether you can take a set of requirements and design an appropriate architecture on AWS. Where Cloud Practitioner asked “what does this service do,” Solutions Architect Associate goes one step deeper and asks “within the given constraints, which services do you combine and how?”
Essentially, every question on the exam is a variation of a single question.
“Given these requirements (availability, performance, security, cost), what is the most appropriate AWS design?”
That’s why rote memorization won’t move your score. Even for the same service, you need to distinguish — on a tradeoff basis — when RDS Multi-AZ is the right answer versus when a Read Replica is, and when S3 is right versus when EFS is. Someone who passes this exam is someone who can use the five pillars of the AWS Well-Architected Framework (Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization) as an actual yardstick for design decisions.
Who gets value from it #
| Role | Why |
|---|---|
| Backend / full-stack developers | Design “where and how to deploy” your own applications yourself — no longer dependent on an infrastructure team |
| Infrastructure / DevOps engineers | Gain a formal basis for design decisions. The most in-demand practical certification |
| Data / ML engineers | Understand storage, network, and cost structures and apply them to pipeline design |
| Job seekers / new grads | The most recognized Associate certification on cloud-role résumés |
SAA-C03 is the most widely taken and recognized exam among AWS certifications. When a job posting says “AWS certification preferred,” it generally means this one.
How it differs from CLF-C02 #
If you’ve already been through the CLF-C02 series, noting how the two exams differ in character helps set your study direction.
| Item | CLF-C02 (Cloud Practitioner) | SAA-C03 (Solutions Architect Associate) |
|---|---|---|
| Level | Foundational | Associate |
| What it asks | What a service is, the value of the cloud | Choosing a design that fits requirements |
| Question character | Definitions and classification | Scenario-based tradeoffs |
| Questions / time | 65 questions / 90 minutes | 65 questions / 130 minutes |
| Passing score | 700 / 1000 | 720 / 1000 |
| Exam fee | 100 USD | 150 USD |
| Recommended experience | 6 months of exposure | 1 year of design experience |
The biggest difference is the length and depth of the questions. Where a CLF-C02 question is a one- or two-line definition, an SAA-C03 question gives you a full paragraph of situation and asks you to pick the “most appropriate” option from four or five plausible designs. In most cases all the options would work, but only one is optimal given the cost, availability, and operational constraints.
Exam structure #
The format of SAA-C03 is as follows.
- Number of questions: 65 (50 scored + 15 unscored)
- Exam time: 130 minutes
- Passing score: 720 / 1000 (scaled score)
- Exam fee: 150 USD
- Question formats: multiple choice (1 correct answer out of 4) + multiple response (2 or more correct answers out of 5+)
- Validity: 3 years
- Delivery: test center or online proctored (OnVUE)
- Languages: offered in multiple languages, including Korean
The 15 unscored questions are ones AWS includes to validate future exam content; they don’t count toward your score. You can’t tell which questions are unscored, so answer all of them the same way. With 50 scored questions, a score of 720 means the passing line sits at roughly 70% correct.
The four domains #
SAA-C03 is split into four domains, weighted as follows. These weights double as your guide for allocating study time.
| Domain | Weight | Core question |
|---|---|---|
| Domain 1. Design Secure Architectures | 30% | Who gets access to what? How do you protect the data? |
| Domain 2. Design Resilient Architectures | 26% | How do you keep the service running through a failure? |
| Domain 3. Design High-Performing Architectures | 24% | How do you stay fast as load grows? |
| Domain 4. Design Cost-Optimized Architectures | 20% | How do you get the same result for less? |
Security is the largest domain at 30%. IAM, KMS, VPC security, and Cognito show up repeatedly throughout the exam, so building Domain 1 most solidly is the efficient move. This series assigns four posts — #2 through #5 — to Domain 1 accordingly.
The four domains map essentially 1:1 onto the pillars of the Well-Architected Framework: Security pillar → Domain 1, Reliability pillar → Domain 2, Performance Efficiency pillar → Domain 3, Cost Optimization pillar → Domain 4. The Operational Excellence pillar isn’t broken out as a separate domain, but it’s woven into the questions across all of them.
Exam format — how to read a scenario question #
SAA-C03 questions generally follow this structure.
- Situation — “A company runs an application that…”
- Constraints — “while maximizing availability and minimizing operational burden”
- Question — “Which of the following is the most appropriate solution that meets the requirements?”
What separates a right answer from a wrong one here is the keywords in the constraints. For the same situation, the correct answer changes depending on whether the condition is “minimize cost,” “minimize operational burden,” or “minimize latency.” For example, if the condition is “least operational overhead,” an answer based on a managed service (Lambda, Fargate, Aurora Serverless, etc.) is more likely correct than one based on self-managed EC2.
When reading a question, the habit of reading the constraints and the question stem before the situation, then using those criteria to filter the options, saves a great deal of time.
Study strategy #
This series is designed on the following premises.
- Layer design vocabulary on top of hands-on intuition. If you’ve worked with the services directly through the 27-post AWS Basics track, the exam is the process of organizing that experience into “selection criteria.” Without hands-on experience, it’s hard to grasp the context of the questions from the exam alone, so I recommend doing the hands-on track in parallel.
- It assumes the vocabulary of CLF-C02. The shared responsibility model, Well-Architected, and basic service classifications covered in the CLF-C02 series carry straight over into SAA. This series adds depth on top of that.
- Allocate time according to domain weights. Spending the most time on Security (30%) and the least on Cost (20%) gives the best score efficiency.
- Concentrate mock exams in the back half. After finishing the domain study (#2–#14), wrap up with exam tips (#15) and a mock exam (#16). The mock exam isn’t for checking knowledge — it’s a tool for practicing time allocation and spotting traps.
65 questions in 130 minutes works out to about 2 minutes per question on average. Because the scenarios are long, you have less time per question than in CLF, so the discipline of flagging uncertain questions (Mark for Review), moving on, and returning at the end matters.
Testing environment — test center vs. OnVUE #
You can choose between a test center and online proctoring (OnVUE). The test center is a controlled environment that favors focus; OnVUE lets you take the exam from home but has strict requirements around desk clearing, ID verification, and proctoring. For a first attempt, the test center is recommended to eliminate variables. If you choose OnVUE, complete the system check well ahead of time.
Common mistakes #
1) Judging every option only by “does it work?” #
Most options in an SAA question do work. The point isn’t “does it work?” but “does it best fit the constraints?” If you filter only by feasibility, you’ll be left with two or three valid options and no clear way to choose.
2) Skimming past the keywords in the constraints #
Phrases like “most cost-effective,” “least operational overhead,” and “highest availability” decide the answer. If you focus on the situation and miss the constraint in the last line, you’ll pick the wrong option.
3) Memorizing service names without the tradeoffs #
Memorizing at the level of “DynamoDB is NoSQL” won’t get you past SAA. You need to be able to explain what requirements DynamoDB is better suited to versus RDS, and where the line between them falls.
4) Missing the answer count on multiple-response questions #
Missing the “Choose TWO” or “Choose THREE” instruction and selecting only one is an automatic wrong answer. Make a habit of always checking the answer-count requirement on the last line of every question.
Wrap-up #
What this post locked in:
- SAA-C03 verifies the ability to design AWS architectures that fit requirements — an Associate certification. The most-taken and most widely recognized
- 65 questions / 130 minutes / 720 points / 150 USD / valid 3 years. With 15 unscored questions included, the passing line is roughly 70% correct on the 50 scored questions
- Four domains — Security (30%) , Resilience (26%) , High Performance (24%) , Cost (20%). Mapped to the Well-Architected pillars
- Difference from CLF — moving from definitions and classification to scenario-based tradeoff selection. Questions are longer and deeper
- Study strategy — layer a design perspective on top of the hands-on track and CLF vocabulary. Allocate time by domain weight. Concentrate mock exams in the back half
- Traps — judging only by “does it work?”, skimming past constraint keywords, memorizing without tradeoffs, missing the answer count on multiple-response questions
Next — Domain 1-1 IAM in Depth #
The exam structure is in place. Now into the first topic of the highest-weighted security domain.
#2 Domain 1-1 Secure Architectures — IAM in Depth covers the relationship between IAM User, Group, Role, and Policy; the difference between trust policies and permission policies; temporary credentials and role delegation (AssumeRole) via STS; and the cross-account access and least-privilege design that show up often on the exam.