IntermediateExam Strategy 9 min read

How to Pass the AWS Solutions Architect Associate (SAA-C03)

Master the SAA-C03 with real CLI labs, domain breakdowns, and proven study tactics.

The AWS Solutions Architect Associate (SAA-C03) exam is one of the most sought-after cloud certifications. It validates your ability to design distributed systems on AWS using best practices around compute, storage, networking, and security. This guide walks you through a structured approach: from understanding the exam domains (Design Resilient Architectures, Perform Resilient Storage, etc.) to hands-on practice with real AWS CLI commands, CloudFormation templates, and cost optimization scenarios. You'll learn how to map services like EC2, S3, RDS, and VPC to exam questions, and how to avoid common pitfalls. Whether you're a sysadmin or a developer, these steps will help you pass with confidence.

1

Understand the Exam Blueprint and Domains

The SAA-C03 exam has four domains: Design Resilient Architectures (30%), Design High-Performing Architectures (28%), Design Secure Applications (24%), and Design Cost-Optimized Architectures (18%). You need a score of 720 out of 1000 to pass. There are 65 multiple-choice questions, and you have 130 minutes. Focus on the highest-weighted domain first. Download the official exam guide from AWS and create a checklist of services mentioned in each domain.

AWS CLI
aws s3 cp s3://aws-exam-guides/saa-c03-guide.pdf ./saa-c03-guide.pdf

Print the exam blueprint and check off each service as you study. This keeps you accountable.

Don't skip the 'Design Cost-Optimized Architectures' domain — it's the smallest but often has tricky questions about Savings Plans vs Reserved Instances.

2

Build a Hands-On Lab Environment with AWS CLI

Theory alone won't cut it. Create a free AWS account and use the AWS CLI to provision resources. Practice launching EC2 instances in different AZs, creating VPCs with public/private subnets, and attaching IAM roles. Use the CLI to simulate real-world scenarios like setting up an Application Load Balancer with auto scaling. This muscle memory will help you answer scenario-based questions faster.

AWS CLI
aws ec2 run-instances --image-id ami-0abcdef1234567890 --instance-type t3.micro --key-name MyKeyPair --security-group-ids sg-12345678 --subnet-id subnet-12345678 --associate-public-ip-address

Use the `--dry-run` flag to validate commands without actually creating resources — saves time and avoids costs.

Always terminate resources after labs to avoid unexpected charges. Set a budget alert in AWS Billing.

3

Master Networking: VPC, Subnets, and Security Groups

VPC design is a core exam topic. Understand how to create a VPC with CIDR blocks, public/private subnets, route tables, NAT gateways, and Internet Gateways. Know the difference between Security Groups (stateful) and Network ACLs (stateless). Practice launching an EC2 instance in a private subnet and connecting it to the internet via a NAT Gateway. Use the AWS CLI to inspect routes and test connectivity.

AWS CLI
aws ec2 describe-route-tables --filters Name=vpc-id,Values=vpc-12345678
aws ec2 describe-security-groups --group-ids sg-12345678

Memorize the default VPC CIDR (172.31.0.0/16) and know that Security Groups allow all outbound traffic by default.

A common exam trap: Network ACLs are stateless, so you must explicitly allow both inbound and outbound traffic for ephemeral ports.

4

Practice with S3 Storage Classes and Lifecycle Policies

S3 is heavily tested. Know the six storage classes: S3 Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier, and Glacier Deep Archive. Understand lifecycle policies to transition objects between classes. Use the AWS CLI to set up a bucket with versioning, encryption (SSE-S3, SSE-KMS), and a lifecycle rule that moves objects to Glacier after 30 days.

AWS CLI
aws s3api put-bucket-lifecycle-configuration --bucket my-bucket --lifecycle-configuration '{"Rules":[{"ID":"MoveToGlacier","Status":"Enabled","Filter":{"Prefix":""},"Transitions":[{"Days":30,"StorageClass":"GLACIER"}]}]}'

Remember that S3 Standard-IA has a minimum storage duration charge of 30 days — useful for cost optimization questions.

If you enable versioning, lifecycle policies apply to both current and noncurrent versions. Test with a small bucket first.

5

Simulate Exam Scenarios with CloudFormation

CloudFormation is Infrastructure as Code (IaC) and appears in many exam questions. Write a simple template that creates an EC2 instance with an IAM role and a Security Group. Use the AWS CLI to deploy and update stacks. Understand the difference between `CREATE_FAILED` and `UPDATE_ROLLBACK` states. Practice reading template outputs and troubleshooting stack events.

AWS CLI
aws cloudformation create-stack --stack-name MyWebApp --template-body file://ec2-with-iam.yaml --parameters ParameterKey=InstanceType,ParameterValue=t3.micro

Use the AWS CloudFormation Designer to visualize templates — it helps spot misconfigurations.

Always delete stacks after labs: `aws cloudformation delete-stack --stack-name MyWebApp`. Leftover resources can incur costs.

6

Take Practice Exams and Review Wrong Answers

Practice exams are critical. Use reputable providers like Tutorials Dojo, Whizlabs, or AWS's official practice exam. Aim for a score of 85% or higher before scheduling the real exam. For every wrong answer, write down why the correct answer is right and why the others are wrong. Focus on services like RDS Multi-AZ, ElastiCache, Route 53 routing policies, and CloudFront origins.

AWS CLI
aws route53 list-hosted-zones
aws rds describe-db-instances --query 'DBInstances[*].[DBInstanceIdentifier,MultiAZ]' --output table

Use the 'Review Mode' in practice exams to see explanations immediately — it reinforces learning.

Don't memorize answers. The exam rephrases scenarios. Understand the underlying concepts.

7

Final Review: Time Management and Exam Day Tips

On exam day, you have 130 minutes for 65 questions — about 2 minutes per question. Flag difficult questions and return to them. Use the 'eliminate obviously wrong answers' technique. Know your AWS Free Tier limits to avoid surprises. Get a good night's sleep and have your ID ready. The exam is available online via Pearson VUE or at test centers. Read each question twice — look for keywords like 'most cost-effective', 'highly available', or 'fault tolerant'.

AWS CLI
aws sts get-caller-identity
aws iam get-user

During the exam, use the whiteboard feature to sketch VPC designs or calculate CIDR ranges.

Don't change answers unless you're sure — first instinct is often correct. Review only flagged questions.

Key tips

  • Use the AWS Well-Architected Framework whitepaper as a study guide — it aligns directly with exam domains.

  • Set up a daily study routine: 30 minutes of theory + 30 minutes of hands-on CLI labs. Consistency beats cramming.

  • Join the AWS Discord or Reddit communities (r/AWSCertifications) for real exam feedback and study group support.

  • Create flashcards for key service limits: S3 bucket size (unlimited), VPC CIDR (/16 to /28), and EC2 instance types.

  • Take a full-length practice exam every weekend for the last month before your exam date. Track your progress.

  • Use the AWS Pricing Calculator to estimate costs for scenarios — this helps with cost optimization questions.

Frequently asked questions

What is the passing score for the AWS SAA-C03 exam?

The passing score is 720 out of 1000. The exam consists of 65 multiple-choice and multiple-response questions, and you have 130 minutes to complete it. Scores are scaled, so focus on understanding concepts rather than memorizing exact numbers.

How long should I study for the AWS Solutions Architect Associate exam?

Most IT professionals need 2-3 months of consistent study (10-15 hours per week). If you have prior AWS experience, you might need 4-6 weeks. Hands-on labs and practice exams are essential — don't rely solely on video courses.

What are the most important services to know for the exam?

Focus on EC2, S3, VPC, RDS, Route 53, CloudFront, IAM, Lambda, and Auto Scaling. Understand how they interact in a multi-tier architecture. Also know the differences between storage classes, database types, and load balancer types.

Is the AWS CLI required for the exam?

The exam does not test CLI commands directly, but knowing the CLI helps you understand how services work under the hood. Many scenario-based questions are easier to answer if you've actually used the CLI to create resources.

Can I retake the exam if I fail?

Yes, you can retake the exam after 14 days. There is no limit on the number of attempts, but you must pay the full exam fee each time. Use your score report to identify weak domains and focus your studies there before retaking.

Practice with real exam questions

Apply what you just learned with exam-style practice questions.

Related guides