Question 604 of 1,040
Design Resilient ArchitecturesmediumMultiple SelectObjective-mapped

SQS Resilience: Idempotency and Dead-Letter Queue for Duplicates and Poison Messages

This SAA-C03 practice question tests your understanding of design resilient architectures. Read the scenario carefully and evaluate each option against the stated constraints before committing to an answer. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

An order-processing worker consumes messages from Amazon SQS. Occasionally, the worker times out after successfully creating a payment record but before deleting the message, which causes duplicate charges during retries. Some messages also fail validation repeatedly because required fields are missing. Which two changes should the team make? Select two.

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Make the payment step idempotent using a unique transaction identifier.

Option A is correct because making the payment step idempotent using a unique transaction identifier ensures that if the same message is processed multiple times due to a timeout, the payment is only charged once. This is a common pattern for handling at-least-once delivery semantics in Amazon SQS, where the worker must be designed to handle duplicate messages safely.

Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Make the payment step idempotent using a unique transaction identifier.

    Why this is correct

    Correct. SQS provides at-least-once delivery, so the same message can be processed more than once if the worker times out, retries, or crashes after partially completing the work. An idempotency key lets the application recognize that the payment was already created and prevents duplicate charges.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Configure an SQS dead-letter queue with a redrive policy.

    Why this is correct

    Correct. Messages that fail validation repeatedly should not remain on the main queue forever, because they waste worker capacity and keep failing with the same error. A dead-letter queue isolates these poison messages after a configured number of receives so the team can inspect and remediate them separately.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Reduce the visibility timeout so failed messages return to the queue faster.

    Why it's wrong here

    Incorrect. Reducing visibility timeout speeds up redelivery, but it does not prevent duplicate business actions and can actually increase replay pressure. The core problem is that the payment operation must tolerate retries, and poison messages need a separate failure path.

  • Run only one long-lived worker instance so the queue can never be processed twice.

    Why it's wrong here

    Incorrect. A single worker reduces availability and still does not guarantee exactly-once processing, because SQS can redeliver messages after a timeout or failure. This approach makes the system less resilient and creates a single point of failure.

  • Switch from a standard queue to a FIFO queue and remove all other changes.

    Why it's wrong here

    Incorrect. FIFO queues help preserve order within a message group, but they do not remove the need for idempotent processing if the consumer times out after a partial success. They also do not replace the need for a dead-letter queue for messages that will never validate successfully.

Common exam traps

Common exam trap: answer the scenario, not the keyword

The trap here is that candidates often think reducing the visibility timeout will speed up recovery, but it actually increases the chance of duplicate processing, and they may also overlook that a FIFO queue alone does not fix the worker's failure to delete the message after processing.

Detailed technical explanation

How to think about this question

Amazon SQS standard queues offer at-least-once delivery, meaning a message can be delivered more than once. The visibility timeout is the period during which a message is hidden from other consumers after being received; if the worker does not delete the message within that timeout, it becomes visible again and can be reprocessed. A dead-letter queue (DLQ) with a redrive policy allows messages that repeatedly fail processing (e.g., due to validation errors) to be moved to a separate queue for manual inspection or automated remediation, preventing them from blocking the main queue.

KKey Concepts to Remember

  • Read the scenario before looking for a memorised answer.
  • Find the constraint that changes the correct option.
  • Eliminate answers that are true in general but not in this case.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Real-world example

How this comes up in practice

A cloud solutions architect for a retail company is evaluating services for a new workload. The correct answer here reflects best practice for the specific scenario described — not a general cloud recommendation. Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option. Cloud exam questions reward reading the constraint carefully: the same technology can be right or wrong depending on the use case.

What to study next

Got this wrong? Here's your next step.

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Related practice questions

Related SAA-C03 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free SAA-C03 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this SAA-C03 question test?

Design Resilient Architectures — This question tests Design Resilient Architectures — Read the scenario before looking for a memorised answer..

What is the correct answer to this question?

The correct answer is: Make the payment step idempotent using a unique transaction identifier. — Option A is correct because making the payment step idempotent using a unique transaction identifier ensures that if the same message is processed multiple times due to a timeout, the payment is only charged once. This is a common pattern for handling at-least-once delivery semantics in Amazon SQS, where the worker must be designed to handle duplicate messages safely.

What should I do if I get this SAA-C03 question wrong?

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

What is the key concept behind this question?

Read the scenario before looking for a memorised answer.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Same concept, more angles

2 more ways this is tested on SAA-C03

These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.

Variation 1. An order-processing service consumes messages from an Amazon SQS Standard queue using a custom worker. During traffic spikes, the worker occasionally times out after performing some work but before acknowledging the message, so SQS redelivers it and it may be processed again. You also observe that a small set of “poison” messages always fail validation. What change most directly improves resilience by (1) preventing poison messages from retrying indefinitely and (2) avoiding duplicate side effects caused by legitimate retries?

medium
  • A.Increase the SQS visibility timeout and, when validation fails, call DeleteMessage in the consumer to remove the message immediately.
  • B.Move to SNS topics with subscriptions and rely on SNS to provide exactly-once delivery to eliminate duplicates automatically.
  • C.Configure a dead-letter queue (DLQ) with a redrive policy that moves messages after maxReceiveCount, and implement idempotent processing in the consumer using an idempotency key.
  • D.Change the queue to FIFO and enable content-based deduplication, leaving the consumer logic unchanged.

Why C: Option C is correct because a dead-letter queue (DLQ) with a maxReceiveCount redrive policy directly addresses the poison message problem by moving messages that repeatedly fail validation out of the main queue after a set number of retries, preventing indefinite retries. Implementing idempotent processing using an idempotency key ensures that even if a legitimate message is redelivered due to a visibility timeout, the consumer can detect and skip duplicate side effects, thus solving both requirements most directly.

Variation 2. A payment worker consumes messages from an Amazon SQS queue. Sometimes the worker finishes the payment creation, but a timeout prevents message deletion and the same payment request is delivered again. Which two design changes best reduce the risk of duplicate charges and keep bad messages from looping forever? Select two.

medium
  • A.Make the payment operation idempotent by storing a unique request identifier before charging.
  • B.Reduce the visibility timeout so retries happen sooner after each timeout.
  • C.Move the queue to Amazon SNS so each message is delivered only once.
  • D.Increase the message retention period so failed payments stay available longer.
  • E.Configure a dead-letter queue with a redrive policy for messages that exceed the max receive count.

Why A: Option A is correct because making the payment operation idempotent ensures that even if the same message is processed multiple times due to a timeout, the payment is only charged once. This is typically achieved by storing a unique request identifier (e.g., a UUID or idempotency key) in a database or cache before processing; subsequent duplicate requests with the same identifier are detected and ignored, preventing duplicate charges.

Keep practising

More SAA-C03 practice questions

Last reviewed: Jun 11, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This SAA-C03 practice question is part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the SAA-C03 exam.