Amazon AWS Certified Solutions Architect - Associate SAA-C03 Exam Questions in PDF

Free Amazon AWS Certified Solutions Architect - Associate SAA-C03 Dumps Questions (page: 3)

A company is implementing a new business application. The application runs on two Amazon EC2 instances and uses an Amazon S3 bucket for document storage. A solutions architect needs to ensure that the EC2 instances can access the S3 bucket.
What should the solutions architect do to meet this requirement?

  A. Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 instances.
  B. Create an IAM policy that grants access to the S3 bucket. Attach the policy to the EC2 instances.
  C. Create an IAM group that grants access to the S3 bucket. Attach the group to the EC2 instances.
  D. Create an IAM user that grants access to the S3 bucket. Attach the user account to the EC2 instances.

Answer(s): A

Explanation:

A) Correct because attaching an IAM role to EC2 instances provides temporary credentials via instance metadata, enabling secure S3 access without embedded keys. Roles are the recommended method for EC2 access to AWS services.
B) Attaching an IAM policy directly to EC2 is invalid; policies grant permissions to principals (users, roles, groups), not to compute resources. You must attach a role (or user) with the policy.
C) IAM groups are for users, not for EC2 instances; there is no mechanism to attach a group to an EC2 instance.
D) IAM users rely on long-term credentials, which are unsuitable for EC2 without rotating access keys; embedding user credentials is insecure. Roles are preferred.



An application development team is designing a microservice that will convert large images to smaller, compressed images. When a user uploads an image through the web interface, the microservice should store the image in an Amazon S3 bucket, process and compress the image with an AWS Lambda function, and store the image in its compressed form in a different S3 bucket.
A solutions architect needs to design a solution that uses durable, stateless components to process the images automatically.
Which combination of actions will meet these requirements? (Choose two.)

  A. Create an Amazon Simple Queue Service (Amazon SQS) queue. Configure the S3 bucket to send a notification to the SQS queue when an image is uploaded to the S3 bucket.
  B. Configure the Lambda function to use the Amazon Simple Queue Service (Amazon SQS) queue as the invocation source. When the SQS message is successfully processed, delete the message in the queue.
  C. Configure the Lambda function to monitor the S3 bucket for new uploads. When an uploaded image is detected, write the file name to a text file in memory and use the text file to keep track of the images that were processed.
  D. Launch an Amazon EC2 instance to monitor an Amazon Simple Queue Service (Amazon SQS) queue. When items are added to the queue, log the file name in a text file on the EC2 instance and invoke the Lambda function.
  E. Configure an Amazon EventBridge (Amazon CloudWatch Events) event to monitor the S3 bucket. When an image is uploaded, send an alert to an Amazon Simple Notification Service (Amazon SNS) topic with the application owner's email address for further processing.

Answer(s): A,B

Explanation:

The correct options, A and B, implement a durable, stateless, event-driven flow that uses S3 to trigger SQS and Lambda to process and store results without servers.
A) S3 event to SQS decouples uploader from processing and provides durable, retriable messaging for Lambda.
B) Lambda consuming from SQS ensures automatic scaling, stateless processing, and proper message deletion after success.
C) Not stateless or durable (in-memory tracking) and misses event-driven reliability.
D) EC2 introduces stateful management and server provisioning, breaking durability and scalability.
E) SNS alerting is not a processing trigger or durable workflow for image transformation.



A company has a three-tier web application that is deployed on AWS. The web servers are deployed in a public subnet in a VPC. The application servers and database servers are deployed in private subnets in the same VPC. The company has deployed a third-party virtual firewall appliance from AWS Marketplace in an inspection VPC. The appliance is configured with an IP interface that can accept IP packets.
A solutions architect needs to integrate the web application with the appliance to inspect all traffic to the application before the traffic reaches the web server.
Which solution will meet these requirements with the LEAST operational overhead?

  A. Create a Network Load Balancer in the public subnet of the application's VPC to route the traffic to the appliance for packet inspection.
  B. Create an Application Load Balancer in the public subnet of the application's VPC to route the traffic to the appliance for packet inspection.
  C. Deploy a transit gateway in the inspection VPC. Configure route tables to route the incoming packets through the transit gateway.
  D. Deploy a Gateway Load Balancer in the inspection VPC. Create a Gateway Load Balancer endpoint to receive the incoming packets and forward the packets to the appliance.

Answer(s): D

Explanation:

Gateway Load Balancer (GWLB) with a GWLB endpoint provides transparent, scalable traffic steering to the inline inspection appliance in an inspection VPC, allowing all traffic to be inspected before reaching the web tier with minimal operational overhead. It supports autoscaling and preserves source IP, and integrates with third-party appliances via standard inline networking.
A) NLB would route at layer 4 but not provide built-in integration with a centralized inline appliance in a separate inspection VPC.
B) ALB is application-layer and not suitable for transparent inline inspection of all traffic to the web tier.
C) Transit Gateway adds complexity and does not inherently provide inline inspection with a dedicated appliance endpoint.



A company wants to improve its ability to clone large amounts of production data into a test environment in the same AWS Region. The data is stored in Amazon EC2 instances on Amazon Elastic Block Store (Amazon EBS) volumes. Modifications to the cloned data must not affect the production environment. The software that accesses this data requires consistently high I/O performance.
A solutions architect needs to minimize the time that is required to clone the production data into the test environment.
Which solution will meet these requirements?

  A. Take EBS snapshots of the production EBS volumes. Restore the snapshots onto EC2 instance store volumes in the test environment.
  B. Configure the production EBS volumes to use the EBS Multi-Attach feature. Take EBS snapshots of the production EBS volumes. Attach the production EBS volumes to the EC2 instances in the test environment.
  C. Take EBS snapshots of the production EBS volumes. Create and initialize new EBS volumes. Attach the new EBS volumes to EC2 instances in the test environment before restoring the volumes from the production EBS snapshots.
  D. Take EBS snapshots of the production EBS volumes. Turn on the EBS fast snapshot restore feature on the EBS snapshots. Restore the snapshots into new EBS volumes. Attach the new EBS volumes to EC2 instances in the test environment.

Answer(s): D

Explanation:

D is correct because EBS fast snapshot restore pre-warms data to SSD storage, so the volumes restored from the snapshots deliver high IOPS as soon as they are attached in the test environment. This meets the isolation and performance requirements and minimizes clone time.
A is incorrect because restoring to instance store volumes loses EBS durability and requires rebuilding; not suitable for high I/O or consistent production data cloning.
B is incorrect because Multi-Attach is for attaching a single volume to multiple instances for shared access, not for isolating test data; it risks data corruption when the production volume is modified.
C is incorrect because restoring from snapshots to new volumes is valid but slower without Fast Snapshot Restore; it increases clone time.



An ecommerce company wants to launch a one-deal-a-day website on AWS. Each day will feature exactly one product on sale for a period of 24 hours. The company wants to be able to handle millions of requests each hour with millisecond latency during peak hours.
Which solution will meet these requirements with the LEAST operational overhead?

  A. Use Amazon S3 to host the full website in different S3 buckets. Add Amazon CloudFront distributions. Set the S3 buckets as origins for the distributions. Store the order data in Amazon S3.
  B. Deploy the full website on Amazon EC2 instances that run in Auto Scaling groups across multiple Availability Zones. Add an Application Load Balancer (ALB) to distribute the website traffic. Add another ALB for the backend APIs. Store the data in Amazon RDS for MySQL.
  C. Migrate the full application to run in containers. Host the containers on Amazon Elastic Kubernetes Service (Amazon EKS). Use the Kubernetes Cluster Autoscaler to increase and decrease the number of pods to process bursts in traffic. Store the data in Amazon RDS for MySQL.
  D. Use an Amazon S3 bucket to host the website's static content. Deploy an Amazon CloudFront distribution. Set the S3 bucket as the origin. Use Amazon API Gateway and AWS Lambda functions for the backend APIs. Store the data in Amazon DynamoDB.

Answer(s): D

Explanation:

D) Uses S3 for static content with CloudFront, plus API Gateway and Lambda for the backend, and DynamoDB for scalable, low-latency data storage. This serverless approach minimizes operational overhead, scales to millions of requests per hour with millisecond latency, and avoids provisioning or managing servers or clusters.
A) S3 with CloudFront alone handles static content and low-latency delivery but lacks a scalable, serverless backend and suitable data store for dynamic order data.
B) EC2 Auto Scaling with ALB incurs more operational effort and management; scaling the backend and database is heavier.
C) EKS with Cluster Autoscaler adds Kubernetes management complexity; still requires relational DB and more maintenance.



A solutions architect is using Amazon S3 to design the storage architecture of a new digital media application. The media files must be resilient to the loss of an Availability Zone. Some files are accessed frequently while other files are rarely accessed in an unpredictable pattern. The solutions architect must minimize the costs of storing and retrieving the media files.
Which storage option meets these requirements?

  A. S3 Standard
  B. S3 Intelligent-Tiering
  C. S3 Standard-Infrequent Access (S3 Standard-IA)
  D. S3 One Zone-Infrequent Access (S3 One Zone-IA)

Answer(s): B

Explanation:

S3 Intelligent-Tiering automatically moves objects between frequent and infrequent access tiers based on usage, minimizing cost while providing the same-namespace resilience and durability as S3, including across AZs.
A) S3 Standard is durable and highly available but not cost-optimized for unpredictable access patterns.
C) S3 Standard-IA lowers storage cost but incurs retrieval fees and does not optimize for unpredictable access automatically.
D) S3 One Zone-IA stores data in a single AZ, reducing durability resilience to AZ loss, which contradicts the requirement.
B) correctly balances cost across access patterns and preserves data across AZs without manual tiering.



A company is storing backup files by using Amazon S3 Standard storage. The files are accessed frequently for 1 month. However, the files are not accessed after 1 month. The company must keep the files indefinitely.
Which storage solution will meet these requirements MOST cost-effectively?

  A. Configure S3 Intelligent-Tiering to automatically migrate objects.
  B. Create an S3 Lifecycle configuration to transition objects from S3 Standard to S3 Glacier Deep Archive after 1 month.
  C. Create an S3 Lifecycle configuration to transition objects from S3 Standard to S3 Standard-Infrequent Access (S3 Standard-IA) after 1 month.
  D. Create an S3 Lifecycle configuration to transition objects from S3 Standard to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 1 month.

Answer(s): B

Explanation:

S3 Glacier Deep Archive is the lowest-cost storage for long-term data that is rarely accessed, making B cost-optimal for keeping backups indefinitely after an initial month of frequent access.
A) S3 Intelligent-Tiering adds monitoring costs and may still tier to frequent access tiers; not as cost-effective for long-term retention with no access.
B) Correct: transitions after 1 month to Glacier Deep Archive minimizes storage cost while preserving access if needed in future.
C) S3 Standard-IA incurs retrieval costs and higher per-GB price than Glacier Deep Archive for long-term, infrequently accessed data.
D) One Zone-IA stores data in a single AZ and has higher risk of data loss and higher retrieval costs relative to Glacier Deep Archive for immutable backups.



A company observes an increase in Amazon EC2 costs in its most recent bill. The billing team notices unwanted vertical scaling of instance types for a couple of EC2 instances. A solutions architect needs to create a graph comparing the last 2 months of EC2 costs and perform an in-depth analysis to identify the root cause of the vertical scaling.
How should the solutions architect generate the information with the LEAST operational overhead?

  A. Use AWS Budgets to create a budget report and compare EC2 costs based on instance types.
  B. Use Cost Explorer's granular filtering feature to perform an in-depth analysis of EC2 costs based on instance types.
  C. Use graphs from the AWS Billing and Cost Management dashboard to compare EC2 costs based on instance types for the last 2 months.
  D. Use AWS Cost and Usage Reports to create a report and send it to an Amazon S3 bucket. Use Amazon QuickSight with Amazon S3 as a source to generate an interactive graph based on instance types.

Answer(s): B

Explanation:

The correct answer is B. Cost Explorer’s granular filtering allows you to drill down EC2 costs by instance type, over a two-month window, enabling fast, insight-driven root-cause analysis with minimal setup and operational overhead.
A) AWS Budgets focuses on cost thresholds and alerts, not in-depth per-instance-type cost analysis.
C) Billing dashboard graphs offer basic visuals but lack the granular, customizable filters needed for root-cause analysis by instance type and time range.
D) Cost and Usage Reports with QuickSight provides full analytics but involves additional data processing and setup, increasing overhead.


