1. Home
  2. Amazon
  3. SAA-C03

Amazon SAA-C03 Online Practice Questions and Exam Preparation

SAA-C03 Exam Details

  • Exam Code
    :SAA-C03
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C03)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1524 Q&As
  • Last Updated
    :Jun 01, 2026

Amazon SAA-C03 Online Questions & Answers

  • Question 531:

    A company wants to run its experimental workloads in the AWS Cloud. The company has a budget for cloud spending. The company's CFO is concerned about cloud spending accountability for each department. The CFO wants to receive notification when the spending threshold reaches 60% of the budget.

    Which solution will meet these requirements?

    A. Use cost allocation tags on AWS resources to label owners. Create usage budgets in AWS Budgets. Add an alert threshold to receive notification when spending exceeds 60% of the budget.
    B. Use AWS Cost Explorer forecasts to determine resource owners. Use AWS Cost Anomaly Detection to create alert threshold notifications when spending exceeds 60% of the budget.
    C. Use cost allocation tags on AWS resources to label owners. Use AWS Support API on AWS Trusted Advisor to create alert threshold notifications when spending exceeds 60% of the budget.
    D. Use AWS Cost Explorer forecasts to determine resource owners. Create usage budgets in AWS Budgets. Add an alert threshold to receive notification when spending exceeds 60% of the budget.

  • Question 532:

    A company runs an application in the AWS Cloud that generates sensitive archival data files. The company wants to rearchitect the application's data storage. The company wants to encrypt the data files and to ensure that third parties do not have access to the data before the data is encrypted and sent to AWS. The company has already created an Amazon S3 bucket.

    Which solution will meet these requirements?

    A. Configure the S3 bucket to use client-side encryption with an Amazon S3 managed encryption key. Configure the application to use the S3 bucket to store the archival files.
    B. Configure the S3 bucket to use server-side encryption with AWS KMS keys (SSE-KMS). Configure the application to use the S3 bucket to store the archival files.
    C. Configure the S3 bucket to use dual-layer server-side encryption with AWS KMS keys (SSE-KMS). Configure the application to use the S3 bucket to store the archival files.
    D. Configure the application to use client-side encryption with a key stored in AWS Key Management Service (AWS KMS). Configure the application to store the archival files in the S3 bucket.

  • Question 533:

    A solutions architect is designing a highly available Amazon ElastiCache for Redis based solution. The solutions architect needs to ensure that failures do not result in performance degradation or loss of data locally and within an AWS Region. The solution needs to provide high availability at the node level and at the Region level.

    Which solution will meet these requirements?

    A. Use Multi-AZ Redis replication groups with shards that contain multiple nodes.
    B. Use Redis shards that contain multiple nodes with Redis append only files (AOF) turned on.
    C. Use a Multi-AZ Redis cluster with more than one read replica in the replication group.
    D. Use Redis shards that contain multiple nodes with Auto Scaling turned on.

  • Question 534:

    A company uses AWS Organizations for its multi-account AWS setup. The security organizational unit (OU) of the company needs to share approved Amazon Machine Images (AMIs) with the development OU.

    The AMIs are created by using AWS Key Management Service (AWS KMS) encrypted snapshots.

    Which solution will meet these requirements? (Choose two.)

    A. Add the development team's OU Amazon Resource Name (ARN) to the launch permission list for the AMIs.
    B. Add the Organizations root Amazon Resource Name (ARN) to the launch permission list for the AMIs.
    C. Update the key policy to allow the development team's OU to use the AWS KMS keys that are used to decrypt the snapshots.
    D. Add the development team's account Amazon Resource Name (ARN) to the launch permission list for the AMIs.
    E. Recreate the AWS KMS key. Add a key policy to allow the Organizations root Amazon Resource Name (ARN) to use the AWS KMS key.

  • Question 535:

    A company recently announced the deployment of its retail website to a global audience. The website runs on multiple Amazon EC2 instances behind an Elastic Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones.

    The company wants to provide its customers with different versions of content based on the devices that the customers use to access the website.

    Which combination of actions should a solutions architect take to meet these requirements? (Choose two.)

    A. Configure Amazon CloudFront to cache multiple versions of the content.
    B. Configure a host header in a Network Load Balancer to forward traffic to different instances.
    C. Configure a Lambda@Edge function to send specific objects to users based on the User-Agent header.
    D. Configure AWS Global Accelerator. Forward requests to a Network Load Balancer (NLB). Configure the NLB to set up host-based routing to different EC2 instances.
    E. Configure AWS Global Accelerator. Forward requests to a Network Load Balancer (NLB). Configure the NLB to set up path-based routing to different EC2 instances.

  • Question 536:

    A company currently runs an on-premises application that usesASP.NET on Linux machines. The application is resource-intensive and serves customers directly.

    The company wants to modernize the application to .NET. The company wants to run the application on containers and to scale based on Amazon CloudWatch metrics. The company also wants to reduce the time spent on operational maintenance activities.

    Which solution will meet these requirements with the LEAST operational overhead?

    A. Use AWS App2Container to containerize the application. Use an AWS CloudFormation template to deploy the application to Amazon Elastic Container Service (Amazon ECS) on AWS Fargate.
    B. Use AWS App2Container to containerize the application. Use an AWS CloudFormation template to deploy the application to Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 instances.
    C. Use AWS App Runner to containerize the application. Use App Runner to deploy the application to Amazon Elastic Container Service (Amazon ECS) on AWS Fargate.
    D. Use AWS App Runner to containerize the application. Use App Runner to deploy the application to Amazon Elastic Kubernetes Service (Amazon EKS) on Amazon EC2 instances.

  • Question 537:

    A company stores its application logs in an Amazon CloudWatch Logs log group. A new policy requires the company to store all application logs in Amazon OpenSearch Service (Amazon Elasticsearch Service) in near-real time.

    Which solution will meet this requirement with the LEAST operational overhead?

    A. Configure a CloudWatch Logs subscription to stream the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).
    B. Create an AWS Lambda function. Use the log group to invoke the function to write the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).
    C. Create an Amazon Kinesis Data Firehose delivery stream. Configure the log group as the delivery streams sources. Configure Amazon OpenSearch Service (Amazon Elasticsearch Service) as the delivery stream's destination.
    D. Install and configure Amazon Kinesis Agent on each application server to deliver the logs to Amazon Kinesis Data Streams. Configure Kinesis Data Streams to deliver the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).

  • Question 538:

    A company runs several Amazon RDS for Oracle On-Demand DB instances that have high utilization. The RDS DB instances run in member accounts that are in an organization in AWS Organizations. The company's finance team has access to the organization's management account and member accounts.

    The finance team wants to find ways to optimize costs by using AWS Trusted Advisor.

    Which combination of steps will meet these requirements? (Choose two.)

    A. Use the Trusted Advisor recommendations in the management account.
    B. Use the Trusted Advisor recommendations in the member accounts where the RDS DB instances are running.
    C. Review the Trusted Advisor checks for Amazon RDS Reserved Instance Optimization.
    D. Review the Trusted Advisor checks for Amazon RDS Idle DB Instances.
    E. Review the Trusted Advisor checks for compute optimization. Crosscheck the results by using AWS Compute Optimizer.

  • Question 539:

    A company runs thousands of AWS Lambda functions. The company needs a solution to securely store sensitive information that all the Lambda functions use. The solution must also manage the automatic rotation of the sensitive information.

    Which combination of steps will meet these requirements with the LEAST operational overhead? (Choose two.)

    A. Create HTTP security headers by using Lambda@Edge to retrieve and create sensitive information
    B. Create a Lambda layer that retrieves sensitive information
    C. Store sensitive information in AWS Secrets Manager
    D. Store sensitive information in AWS Systems Manager Parameter Store
    E. Create a Lambda consumer with dedicated throughput to retrieve sensitive information and create environmental variables

  • Question 540:

    A company wants to migrate applications from its on-premises servers to AWS. As a first step, the company is modifying and migrating a non-critical application to a single Amazon EC2 instance. The application will store information in an Amazon S3 bucket. The company needs to follow security best practices when deploying the application on AWS.

    Which approach should the company take to allow the application to interact with Amazon S3?

    A. Create an IAM role that has administrative access to AWS. Attach the role to the EC2 instance.
    B. Create an IAM user. Attach the AdministratorAccess policy. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.
    C. Create an IAM role that has the necessary access to Amazon S3. Attach the role to the EC2 instance.
    D. Create an IAM user. Attach a policy that provides the necessary access to Amazon S3. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C03 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.