Try 12 original AWS SAA-C04 planning sample questions for a possible Solutions Architect Associate refresh, compare the current SAA-C03 route, and subscribe for IT Mastery updates when AWS publishes official details.
AWS has not published a formal public SAA-C04 exam guide on the official AWS exam-guide or coming-soon pages reviewed for this site. Use the current AWS SAA-C03 Solutions Architect Associate page for current official preparation, and use this SAA-C04 page only to follow successor-code updates.
Practice option: Update watch
Start with the 12 sample questions on this page. Dedicated practice for AWS SAA-C04 is not currently included as a full web-app practice page; enter your email to get updates when full practice becomes available or expands for this exam.
Need live practice now? See current SAA-C03 Solutions Architect Associate page.
This page is an early update-watch page for candidates who are already tracking a possible SAA-C04 refresh. The sample questions below are original IT Mastery 2027-oriented planning scenarios based on the current Solutions Architect Associate role, current AWS service direction, and common architecture shifts. They are not official AWS questions and are not based on a published SAA-C04 blueprint.
| If you searched for… | Use this now |
|---|---|
| SAA-C04 registration, exam guide, or official domains | Check AWS official certification pages first; no formal SAA-C04 blueprint is represented here yet. |
| Current AWS Solutions Architect Associate practice | Use SAA-C03 for current practice. |
| Future-code update notice | Use the Notify me form above. |
| Architecture sample questions for likely refresh themes | Try the 12 original planning questions below. |
If AWS refreshes the Solutions Architect Associate exam, reasonable areas to watch include resilient multi-account design, serverless integration, private connectivity, cost-aware compute choices, data protection, GenAI application boundaries, observability, and sustainability-aware architecture. Treat these as preparation estimates, not exam facts.
| Area to watch | Why it may matter |
|---|---|
| Multi-account governance | AWS architecture increasingly expects Organizations, SCPs, IAM Identity Center, logging, and account boundaries to work together. |
| Event-driven and serverless integration | SQS, SNS, EventBridge, Step Functions, Lambda, and API Gateway remain central to resilient architectures. |
| GenAI application architecture | Bedrock, knowledge bases, model access, data boundaries, and safety controls may appear in architecture trade-off scenarios. |
| Cost and sustainability trade-offs | Graviton, Savings Plans, right-sizing, storage tiering, and managed services can change the best answer. |
| Resilience testing and recovery | Multi-AZ, multi-Region, backup, failover, and RTO/RPO reasoning are core architect skills. |
Try these 12 original AWS SAA-C04 2027 planning questions. They are designed for self-assessment and update tracking, not as official exam material.
What this tests: multi-account governance
A company has separate AWS accounts for development, staging, production, and shared security tooling. Application teams need autonomy, but security wants baseline guardrails that prevent public S3 buckets, require centralized logging, and keep identity management consistent. Which design is the best fit?
Best answer: C
Explanation: Multi-account architecture should combine account boundaries with centralized governance. AWS Organizations and SCPs set guardrails, centralized logging improves visibility, and IAM Identity Center avoids duplicated identities. A single account weakens isolation, manual review does not scale, and copied IAM users create operational and security risk.
What this tests: event-driven workload design
An ecommerce platform receives unpredictable bursts of order events. Payment validation, inventory reservation, fraud checks, and fulfillment notification should run independently, and one failed downstream step should not block all other processing. Which architecture is most appropriate?
Best answer: A
Explanation: EventBridge supports event routing, loose coupling, and independent consumers. Synchronous chains increase blast radius and latency. Local files do not provide durable shared integration, and database triggers make business workflow harder to observe, scale, and recover.
What this tests: global data access trade-offs
A read-heavy application serves users in North America, Europe, and Asia. Most requests are reads, but users occasionally update their profiles. The business wants low-latency reads in each Region and managed replication without operating database servers. Which option is most likely to fit?
Best answer: C
Explanation: DynamoDB global tables are a managed multi-Region option for low-latency access to replicated data. A single RDS instance centralizes latency and risk. EFS is not a cross-Region application database, and S3 Transfer Acceleration does not turn S3 into a profile database.
What this tests: private GenAI architecture boundaries
A company wants a support assistant to answer questions from internal documentation. The documents must stay encrypted, access must follow user permissions, and the model should not receive unrelated private records. Which design principle matters most?
Best answer: B
Explanation: A secure assistant should retrieve only authorized context, keep source documents protected, and enforce identity and data boundaries. Public storage, manual copy-paste, or disabled authorization undermines confidentiality even if the model is not directly changing data.
What this tests: compute modernization and cost
A stateless web API runs on x86 EC2 instances at steady baseline traffic with periodic spikes. The team can test ARM compatibility and wants lower compute cost without redesigning the service. What should the architect evaluate first?
Best answer: C
Explanation: For compatible workloads, Graviton can reduce compute cost, and Savings Plans can help with steady usage. Instance store does not solve compute economics for stateless APIs. Bastion workflows do not replace APIs, and disabling Auto Scaling increases availability risk.
What this tests: recovery objective reasoning
A workload has an RTO of 15 minutes and an RPO near zero. It serves critical transactions, and management accepts higher cost for faster recovery. Which direction best fits the requirement?
Best answer: D
Explanation: Very low RTO and near-zero RPO usually require pre-provisioned capacity, replication, and tested failover. Nightly snapshots may miss the RPO and RTO. Same-AZ backups and manual rebuilds are not enough for critical near-real-time recovery.
What this tests: data residency and access controls
A healthcare workload must keep regulated data in a specific Region. Analytics teams need aggregated results but should not access raw records. Which approach best supports both requirements?
Best answer: A
Explanation: The architecture should respect residency, minimize access to raw data, and expose only appropriately aggregated or de-identified outputs. Global raw replication, spreadsheet exports, and weaker encryption create avoidable compliance and privacy risk.
What this tests: API resilience
A public API occasionally depends on a slow third-party service. The API should avoid exhausting compute capacity during slow responses and should return a controlled fallback when dependency latency spikes. Which pattern is most appropriate?
Best answer: B
Explanation: Resilient APIs contain dependency failures with timeouts, bounded retries, circuit breakers, queues, and fallback behavior. Longer timeouts and long transactions consume capacity. External dependencies still require monitoring from the application boundary.
What this tests: storage tiering
An application stores compliance records that are frequently accessed for 30 days, rarely accessed for seven years, and must be retained with strong durability. Which architecture is most cost-aware?
Best answer: C
Explanation: S3 lifecycle policies support durable object storage and cost-aware transitions to archival classes. EBS and EC2 file systems can be expensive or operationally fragile for long-term retention. Instance store is ephemeral and inappropriate for compliance retention.
What this tests: network access simplification
A private application in a VPC needs to call AWS services without sending traffic over the public internet where supported. The design should reduce exposure and keep routing manageable. Which option should the architect use?
Best answer: D
Explanation: VPC endpoints keep supported AWS service traffic within AWS private connectivity paths and reduce public exposure. Public IPs, ad hoc tunnels, and broad NAT access are less controlled and can increase operational risk.
What this tests: observability design
A distributed checkout system uses API Gateway, Lambda, SQS, and DynamoDB. Operators need to understand where latency is introduced and correlate failures across components. Which capability is most useful?
Best answer: A
Explanation: Distributed systems need correlated telemetry. Tracing and structured logs help connect request flow across services and identify bottlenecks. Screenshots, one isolated CPU alarm, or billing reports do not provide enough diagnostic context.
What this tests: sustainable and cost-aware architecture
A batch analytics workload runs nightly and can tolerate interruption if it finishes before business hours. The company wants to reduce cost while keeping completion reliable. Which approach is most appropriate?
Best answer: B
Explanation: Interruptible batch workloads are good candidates for Spot capacity when the design includes orchestration, retries, and fallback capacity. Continuous oversized on-demand capacity and idle duplicate clusters waste money. Developer laptops are not reliable production architecture.