A company has a production workload that runs on 1,000 Amazon EC2 Linux instances. The workload is powered by third-party software. The company needs to patch the third-party software on all EC2 instances as quickly as possible to remediate a critical security vulnerability.
What should a solutions architect do to meet these requirements?
A. Create an AWS Lambda function to apply the patch to all EC2 instances.
B. Configure AWS Systems Manager Patch Manager to apply the patch to all EC2 instances.
C. Schedule an AWS Systems Manager maintenance window to apply the patch to all EC2 instances.
D. Use AWS Systems Manager Run Command to run a custom command that applies the patch to all EC2 instances.
D. Use AWS Systems Manager Run Command to run a custom command that applies the patch to all EC2 instances.
Question 912:
A company is using a SQL database to store movie data that is publicly accessible. The database runs on an Amazon RDS Single-AZ DB instance. A script runs queries at random intervals each day to record the number of new movies that have been added to the database. The script must report a final total during business hours. The company's development team notices that the database performance is inadequate for development tasks when the script is running. A solutions architect must recommend a solution to resolve this issue.
Which solution will meet this requirement with the LEAST operational overhead?
A. Modify the DB instance to be a Multi-AZ deployment.
B. Create a read replica of the database. Configure the script to query only the read replica.
C. Instruct the development team to manually export the entries in the database at the end of each day.
D. Use Amazon ElastiCache to cache the common queries that the script runs against the database.
B. Create a read replica of the database. Configure the script to query only the read replica.
Question 913:
A company runs an enterprise resource planning (ERP) system on Amazon EC2 instances in a single AWS Region. Users connect to the ERP system by using a public API that is hosted on the EC2 instances.
International users report slow API response times from their data centers.
A solutions architect needs to improve API response times for the international users.
Which solution will meet these requirements MOST cost-effectively?
A. Set up an AWS Direct Connect connection that has a public virtual interface (VIF) to connect each user's data center to the EC2 instances. Create a Direct Connect gateway for the ERP system API to route user API requests.
B. Deploy Amazon API Gateway endpoints in multiple Regions. Use Amazon Route 53 latency-based routing to route requests to the nearest endpoint. Configure a VPC peering connection between the Regions to connect to the ERP system.
C. Set up AWS Global Accelerator. Configure listeners for the necessary ports. Configure endpoint groups for the appropriate Regions to distribute traffic. Create an endpoint in each group for the API.
D. Use AWS Site-to-Site VPN to establish dedicated VPN tunnels between multiple Regions and user networks. Route traffic to the API through the VPN connections.
C. Set up AWS Global Accelerator. Configure listeners for the necessary ports. Configure endpoint groups for the appropriate Regions to distribute traffic. Create an endpoint in each group for the API.
Explanation
AWS Global Accelerator improves the performance and availability of applications by directing user traffic through the AWS global network of edge locations using anycast IP addresses. It reduces latency and jitter for global users accessing applications in a single Region.
Why this works:
Global Accelerator routes user requests to the nearest AWS edge location using AWS's high-performance backbone network.
It then forwards traffic to the optimal endpoint -- in this case, the public API hosted on EC2.
This is much more cost-effective and requires less operational complexity than deploying and maintaining multiple API Gateway endpoints across regions (Option B), or setting up Direct Connect links for every international location (Option A).
Option C requires no application change and is designed specifically for latency improvement and high availability.
References:
AWS Global Accelerator Documentation
Use Cases for Global Accelerator
Performance Improvements for Global Users
Question 914:
A company needs to store confidential files on AWS. The company accesses the files every week. The company must encrypt the files by using envelope encryption, and the encryption keys must be rotated automatically. The company must have an audit trail to monitor encryption key usage.
Which combination of solutions will meet these requirements? (Choose Two.)
A. Store the confidential files in Amazon S3.
B. Store the confidential files in Amazon S3 Glacier Deep Archive.
C. Use server-side encryption with customer-provided keys (SSE-C).
D. Use server-side encryption with Amazon S3 managed keys (SSE-S3).
E. Use server-side encryption with AWS KMS managed keys (SSE-KMS).
A. Store the confidential files in Amazon S3.
E. Use server-side encryption with AWS KMS managed keys (SSE-KMS).
Explanation
Amazon S3 is suitable for storing data that needs to be accessed weekly and integrates with AWS Key Management Service (KMS) to provide encryption at rest with server-side encryption using KMS-managed keys (SSE-KMS).
SSE-KMS uses envelope encryption and allows automatic key rotation and logging through AWS CloudTrail, satisfying the requirements for audit trails and compliance.
S3 Glacier Deep Archive is unsuitable due to its high retrieval latency. SSE-C requires customer-side management of encryption keys, with no support for automatic rotation or audit. SSE-S3 does not use customer-managed keys and lacks fine-grained control and auditing.
Question 915:
A company runs Amazon EC2 instances in multiple AWS accounts that are individually billed. The company recently purchased a Savings Plan. Because of changes in the company's business requirements, the company has decommissioned a large number of EC2 instances. The company wants to use its Savings Plan discounts on its other AWS accounts.
Which combination of steps will meet these requirements? (Choose two.)
A. From the AWS Account Management Console of the management account, turn on discount sharing from the billing preferences section.
B. From the AWS Account Management Console of the account that purchased the existing Savings Plan, turn on discount sharing from the billing preferences section. Include all accounts.
C. From the AWS Organizations management account, use AWS Resource Access Manager (AWS RAM) to share the Savings Plan with other accounts.
D. Create an organization in AWS Organizations in a new payer account. Invite the other AWS accounts to join the organization from the management account.
E. Create an organization in AWS Organizations in the existing AWS account with the existing EC2 instances and Savings Plan. Invite the other AWS accounts to join the organization from the management account.
A. From the AWS Account Management Console of the management account, turn on discount sharing from the billing preferences section.
D. Create an organization in AWS Organizations in a new payer account. Invite the other AWS accounts to join the organization from the management account.
Question 916:
A company hosts an application on AWS that gives users the ability to download photos. The company stores all photos in an Amazon S3 bucket that is located in the us-east-1 Region. The company wants to provide the photo download application to global customers with low latency.
Which solution will meet these requirements?
A. Find the public IP addresses that Amazon S3 uses in us-east-1. Configure an Amazon Route 53 latency-based routing policy that routes to all the public IP addresses.
B. Configure an Amazon CloudFront distribution in front of the S3 bucket. Use the distribution endpoint to access the photos that are in the S3 bucket.
C. Configure an Amazon Route 53 geoproximity routing policy to route the traffic to the S3 bucket that is closest to each customer's location.
D. Create a new S3 bucket in the us-west-1 Region. Configure an S3 Cross-Region Replication rule to copy the photos to the new S3 bucket.
B. Configure an Amazon CloudFront distribution in front of the S3 bucket. Use the distribution endpoint to access the photos that are in the S3 bucket.
Explanation
Amazon CloudFront is a content delivery network (CDN) service that distributes content with low latency and high transfer speeds. Placing CloudFront in front of the S3 bucket ensures global users download content from the nearest edge location, reducing latency significantly.
References:
AWS Documentation -- Amazon CloudFront with S3 Origin
Question 917:
A company is developing a new application that uses a relational database to store user data and application configurations. The company expects the application to have steady user growth. The company expects the database usage to be variable and read-heavy, with occasional writes.
The company wants to cost-optimize the database solution. The company wants to use an AWS managed database solution that will provide the necessary performance.
Which solution will meet these requirements MOST cost-effectively?
A. Deploy the database on Amazon RDS. Use Provisioned IOPS SSD storage to ensure consistent performance for read and write operations.
B. Deploy the database on Amazon Aurora Serverless to automatically scale the database capacity based on actual usage to accommodate the workload.
C. Deploy the database on Amazon DynamoDB. Use on-demand capacity mode to automatically scale throughput to accommodate the workload.
D. Deploy the database on Amazon RDS. Use magnetic storage and use read replicas to accommodate the workload.
B. Deploy the database on Amazon Aurora Serverless to automatically scale the database capacity based on actual usage to accommodate the workload.
Question 918:
A company needs to ensure that an IAM group that contains database administrators can perform operations only within Amazon RDS. The company must ensure that the members of the IAM group cannot access any other AWS services.
Which solution will meet these requirements?
A. Create an IAM policy that includes a statement that has the Effect "Allow" and the Action "rds:*". Attach the IAM policy to the IAM group.
B. Create an IAM policy that includes two statements. Configure the first statement to have the Effect "Allow" and the Action "rds:*". Configure the second statement to have the Effect "Deny" and the Action "*". Attach the IAM policy to the IAM group.
C. Create an IAM policy that includes a statement that has the Effect "Deny" and the NotAction "rds:*". Attach the IAM policy to the IAM group.
D. Create an IAM policy with a statement that includes the Effect "Allow" and the Action "rds:*". Include a permissions boundary that has the Effect "Allow" and the Action "rds:*". Attach the IAM policy to the IAM group.
C. Create an IAM policy that includes a statement that has the Effect "Deny" and the NotAction "rds:*". Attach the IAM policy to the IAM group.
Explanation
To enforce that IAM users can only access Amazon RDS and no other AWS services, the recommended approach is to use a Deny statement with NotAction. This ensures that all actions are denied except RDS actions. Options A and B do not fully achieve the restriction: Option A only allows RDS but does not explicitly deny access to other services if another policy grants access; Option B's explicit Deny for "*" would override all other permissions, including the intended RDS Allow, which would result in no access at all.
Option D with permissions boundaries still allows other attached policies to grant access outside RDS.
Therefore, Option C is the correct approach to enforce RDS-only access.
References:
IAM JSON Policy Elements -- Effect, Action, NotAction, and Deny
AWS Well-Architected Framework -- Security Pillar: Least privilege
Question 919:
How can trade data from DynamoDB be ingested into an S3 data lake for near real-time analysis?
A. Use DynamoDB Streams to invoke a Lambda function that writes to S3.
B. Use DynamoDB Streams to invoke a Lambda function that writes to Data Firehose, which writes to S3.
C. Enable Kinesis Data Streams on DynamoDB. Configure it to invoke a Lambda function that writes to S3.
D. Enable Kinesis Data Streams on DynamoDB. Use Data Firehose to write to S3.
A. Use DynamoDB Streams to invoke a Lambda function that writes to S3.
Explanation
Option A is the simplest solution, using DynamoDB Streams and Lambda for real-time ingestion into S3.
Options B, C, and D add unnecessary complexity with Data Firehose or Kinesis.
Question 920:
A company uses a three-tier web application to provide training to new employees. The application is accessed for only 12 hours every day. The company is using an Amazon RDS for MySQL DB instance to store information and wants to minimize costs.
What should a solutions architect do to meet these requirements?
A. Configure an IAM policy for AWS Systems Manager Session Manager. Create an IAM role for the policy. Update the trust relationship of the role. Set up automatic start and stop for the DB instance.
B. Create an Amazon ElastiCache for Redis cache cluster that gives users the ability to access the data from the cache when the DB instance is stopped. Invalidate the cache after the DB instance is started.
C. Launch an Amazon EC2 instance. Create an IAM role that grants access to Amazon RDS. Attach the role to the EC2 instance. Configure a cron job to start and stop the EC2 instance on the desired schedule.
D. Create AWS Lambda functions to start and stop the DB instance. Create Amazon EventBridge (Amazon CloudWatch Events) scheduled rules to invoke the Lambda functions. Configure the Lambda functions as event targets for the rules.
D. Create AWS Lambda functions to start and stop the DB instance. Create Amazon EventBridge (Amazon CloudWatch Events) scheduled rules to invoke the Lambda functions. Configure the Lambda functions as event targets for the rules.