AWS SAA-C03 Cheat Sheet: Solutions Architect

May 1, 2026

Review a compact AWS Certified Solutions Architect Associate (SAA-C03) cheat sheet for secure, resilient, high-performing, and cost-optimized AWS architecture decisions before using IT Mastery practice.

On this page

Use this cheat sheet as an architecture decision checklist before SAA-C03 practice. The exam usually rewards the answer that meets the stated requirement with the right managed AWS pattern, not the most complicated design.

Open the SAA-C03 practice page for the free diagnostic, architecture topic pages, and IT Mastery web route.

Open SAA-C03 practice page Try free diagnostic

Snapshot

Item	Review cue
Exam route	AWS Certified Solutions Architect Associate
Exam code	SAA-C03
Items	65 total
Time	130 minutes
Practice option	Live IT Mastery practice available
Best use	Practice architecture trade-offs across security, resilience, performance, and cost

Domain checklist

Domain	Weight	What to know	Common trap
Design Secure Architectures	30%	IAM, encryption, network controls, logging, data protection, least privilege	optimizing before fixing the security boundary
Design Resilient Architectures	26%	Multi-AZ, backups, replication, failover, decoupling, recovery objectives	choosing multi-Region when Multi-AZ is enough
Design High-Performing Architectures	24%	compute, storage, database, caching, CDN, scaling, async design	solving every performance issue with larger instances
Design Cost-Optimized Architectures	20%	rightsizing, pricing models, storage tiers, managed services, data transfer	cutting cost in a way that violates the requirement

Must-know distinctions

Distinction	Exam reflex
Multi-AZ vs multi-Region	Multi-AZ improves availability inside one Region. Multi-Region supports geographic resilience or latency needs.
SQS vs SNS	SQS buffers work. SNS publishes messages to subscribers.
EBS vs EFS vs S3	Block, shared file, and object storage solve different access patterns.
RDS vs DynamoDB	RDS fits relational workloads. DynamoDB fits key-value and document access at scale.
CloudFront vs Global Accelerator	CloudFront caches HTTP content. Global Accelerator improves global network routing for supported endpoints.
NAT gateway vs VPC endpoint	NAT supports outbound internet access. VPC endpoints keep supported AWS service traffic private.

High-yield checklist

Identify the hard requirement first: latency, recovery point objective, recovery time objective, compliance, throughput, durability, or cost.
Apply least privilege, encryption, and private access before performance tuning.
Use managed services to reduce operational burden when the scenario allows it.
Decouple components with queues or events when traffic spikes or failure isolation matters.
Use caching or CDN only when access pattern and freshness requirements support it.
Match database choice to query pattern, consistency, scale, and operational needs.
Check data transfer, storage class, and idle capacity before choosing a cost answer.

Practice strategy

For each missed SAA-C03 question, write the architecture trade-off you missed. If the miss was caused by a service-pair confusion, drill that pair before another mixed set. If the miss was caused by ignoring a constraint, slow down and underline the hard requirement in each scenario.

Revised on Monday, May 25, 2026

Free Practice Exam