The 8-Week AWS SAA-C03 Study Plan I Used to Score 812 While Working Full-Time
Every AWS Solutions Architect Associate study plan on the internet seems to recommend the same three things:
- Watch a video course
- Take three mock exams
- Read Adrian Cantrill’s notes
That is not a study plan. It is a resource list.
A real study plan should:
- Cover the SAA-C03 exam blueprint proportionally
- Fit around your actual work and personal commitments
- Include hands-on practice
- Leave enough time for mock exams and weak-topic revision
Here is the eight-week plan I used to pass the AWS Certified Solutions Architect – Associate exam with a score of 812/1000, while working approximately 45 hours per week in a role unrelated to AWS.
Understanding the SAA-C03 Exam Blueprint
The SAA-C03 exam is divided into four domains:
| Domain | Exam Weight |
|---|---|
| Design Secure Architectures | 30% |
| Design Resilient Architectures | 26% |
| Design High-Performing Architectures | 24% |
| Design Cost-Optimized Architectures | 20% |
Assuming you study for eight weeks at approximately ten hours per week, you have around 80 total study hours.
A simple allocation based entirely on exam weight would look like this:
| Domain | Approximate Study Time |
|---|---|
| Security | 24 hours |
| Resilience | 21 hours |
| Performance | 19 hours |
| Cost Optimization | 16 hours |
However, I would not recommend allocating your time strictly according to the blueprint.
Security deserves more focused attention because it is one of the areas candidates frequently underestimate. You should also reserve the final two weeks for mock exams, gap analysis, and weak-topic drilling rather than learning entirely new content.
My actual eight-week structure looked like this:
| Week | Focus |
|---|---|
| Weeks 1–2 | Security and compliance |
| Week 3 | Resilient architectures |
| Week 4 | High-performing architectures |
| Week 5 | Cost optimization |
| Week 6 | First full mock and gap analysis |
| Week 7 | Weak-topic drilling |
| Week 8 | Final mocks, review, and rest |
Week 1: Security and Compliance — IAM Foundations
Recommended study time: 10 hours
Focus on:
- IAM users, groups, roles, and policies
- Identity-based policies versus resource-based policies
- When to use each policy type
- IAM policy evaluation logic
- Cross-account access using IAM roles and trust policies
- Service Control Policies through AWS Organizations
- IAM Access Analyzer
- IAM Access Advisor
The most important IAM rule to remember is:
Explicit deny > Explicit allow > Implicit deny
Do not only memorize this rule. Practice reading actual IAM policy JSON and predicting whether a request will be allowed or denied.
Practical Exercise
In your personal AWS account, create an IAM role that grants a Lambda function read-only access to one specific S3 bucket.
Try to complete the exercise without searching for instructions.
If you can configure the role, permissions policy, and trust relationship from memory, your IAM understanding is probably strong enough for the exam.
Weekly Question Target
Complete approximately 20 IAM-focused questions.
Aim for a score of at least 80% before moving on.
Week 2: Security and Compliance — Network and Data Security
Recommended study time: 10 hours
Focus on:
- Security groups versus Network ACLs
- Stateful versus stateless filtering
- AWS Shield Standard versus Shield Advanced
- AWS WAF
- AWS Firewall Manager
- AWS Key Management Service
- Customer-managed KMS keys
- Envelope encryption
- Key rotation
- S3 encryption methods
- CloudTrail versus CloudWatch Logs versus AWS Config
- Secrets Manager versus Systems Manager Parameter Store
For S3 encryption, understand the differences between:
| Encryption Type | Description |
|---|---|
| SSE-S3 | AWS manages both encryption and keys |
| SSE-KMS | AWS KMS manages the encryption keys |
| SSE-C | The customer provides the encryption key |
| Client-Side Encryption | Data is encrypted before being uploaded |
Also spend time comparing AWS Secrets Manager and SSM Parameter Store. Questions involving these two services appear frequently in SAA-style scenario questions.
Practical Exercise
Upload an object to S3 and encrypt it using:
- SSE-KMS
- A customer-managed KMS key
Then:
- Enable key rotation
- Retrieve and decrypt the object
- Understand how envelope encryption works behind the scenes
Weekly Question Target
Complete approximately 25 security questions covering both Week 1 and Week 2.
Aim for at least 78% overall.
Week 3: Designing Resilient Architectures
Recommended study time: 10 hours
Focus on:
- Multi-AZ versus multi-region architectures
- Recovery Time Objective and Recovery Point Objective
- RDS Multi-AZ versus Read Replicas
- DynamoDB Global Tables
- Auto Scaling policies
- Elastic Load Balancer types
- Route 53 routing policies
- CloudFront with S3
- Disaster recovery strategies
Services and Concepts to Compare
RDS Multi-AZ vs Read Replicas
| Feature | Multi-AZ | Read Replica |
|---|---|---|
| Primary purpose | High availability | Read scaling |
| Synchronous replication | Yes | Usually no |
| Automatic failover | Yes | No automatic application failover |
| Can serve read traffic | Standby generally cannot | Yes |
Elastic Load Balancers
Understand when to use:
- Application Load Balancer
- Network Load Balancer
- Gateway Load Balancer
Route 53 Routing Policies
Know the purpose of:
- Simple
- Weighted
- Latency-based
- Failover
- Geolocation
- Geoproximity
- Multivalue answer
Disaster Recovery Strategies
Study the trade-offs between:
- Backup and restore
- Pilot light
- Warm standby
- Multi-site active-active
You should understand how cost, complexity, RTO, and RPO change across these strategies.
Practical Exercise
Create two static websites in S3 buckets located in different AWS regions.
Use Route 53 failover routing to direct traffic to the secondary website when the primary endpoint becomes unavailable.
Then deliberately break the primary endpoint and verify that DNS traffic switches to the secondary site.
Weekly Question Target
Complete approximately 25 resilience-focused questions.
Target at least 78%.
Week 4: Designing High-Performing Architectures
Recommended study time: 10 hours
Focus on:
- EC2 instance families
- EBS volume types
- ElastiCache
- CloudFront
- AWS Global Accelerator
- Aurora
- Messaging and event services
EC2 Instance Families
Understand the common workload categories:
- General purpose
- Compute optimized
- Memory optimized
- Storage optimized
- Accelerated computing
Do not memorize every instance name. Learn how to identify the correct instance family from a workload description.
EBS Volume Types
Compare:
| Volume Type | Best For |
|---|---|
| gp3 | General-purpose SSD workloads |
| io2 | High-performance, mission-critical databases |
| st1 | Throughput-heavy, frequently accessed workloads |
| sc1 | Low-cost, infrequently accessed workloads |
Understand the difference between IOPS, throughput, latency, and cost.
Caching and Global Delivery
Study:
- Redis versus Memcached
- Redis cluster mode enabled versus disabled
- CloudFront cache behavior
- Origin selection
- Signed URLs
- Signed cookies
- Global Accelerator versus CloudFront
CloudFront and Global Accelerator solve different problems. CloudFront is primarily a content delivery network, while Global Accelerator improves the availability and performance of applications using AWS’s global network.
Databases
Compare:
- Standard Amazon Aurora
- Aurora Serverless v2
- Traditional Amazon RDS engines
Messaging Service Selection
Be able to choose between:
- Amazon SQS
- Amazon SNS
- Amazon EventBridge
- Amazon Kinesis
A simple mental model:
| Service | Typical Use |
|---|---|
| SQS | Message queues and decoupling |
| SNS | Push-based fan-out |
| EventBridge | Event routing and application integration |
| Kinesis | High-volume streaming data |
Practical Exercise
Take a workload such as:
An application needs low-latency global access to frequently read user-profile data.
Design a solution using an appropriate combination of:
- Database or storage service
- Caching layer
- Content delivery or global networking service
Write one paragraph explaining why each service belongs in the architecture.
Weekly Question Target
Complete approximately 25 performance-focused questions.
Target at least 78%.
Week 5: Designing Cost-Optimized Architectures
Recommended study time: 8 hours
This can be a slightly lighter week because you should already have built consistent study momentum.
Focus on:
- Compute Savings Plans
- EC2 Instance Savings Plans
- Reserved Instances
- Spot Instances
- S3 storage classes
- S3 Intelligent-Tiering
- Cost Explorer
- AWS Budgets
- AWS Cost Anomaly Detection
- AWS Compute Optimizer
- Data-transfer costs
Compute Pricing Models
Compare:
- Compute Savings Plans
- EC2 Instance Savings Plans
- Standard Reserved Instances
- Convertible Reserved Instances
- Spot Instances
For Spot Instances, understand:
- Appropriate workloads
- Interruption handling
- Spot Fleet
- Mixed instance policies
- EC2 Auto Scaling with Spot capacity
S3 Storage Classes
Know the progression:
S3 Standard
→ S3 Standard-IA
→ S3 One Zone-IA
→ S3 Glacier Instant Retrieval
→ S3 Glacier Flexible Retrieval
→ S3 Glacier Deep Archive
For each storage class, understand:
- Retrieval time
- Storage cost
- Retrieval charges
- Minimum storage duration
- Availability and resilience characteristics
Also understand when S3 Intelligent-Tiering is appropriate.
Do Not Ignore Data-Transfer Costs
Data transfer is frequently overlooked when designing cost-optimized architectures.
Pay particular attention to:
- Cross-region transfer
- Availability Zone transfer
- Internet egress
- NAT Gateway processing
- CloudFront pricing
- Transfers between AWS services
Practical Exercise
Consider the following workload:
A company stores 100 TB of application logs. Logs from the most recent 30 days are accessed frequently. Older logs are accessed approximately once per month for audits.
Design an S3 lifecycle policy and estimate the approximate monthly cost.
The exact estimate matters less than demonstrating that you understand the cost trade-offs.
Weekly Question Target
Complete approximately 20 cost-optimization questions.
Aim for at least 80%. This domain is often more straightforward than the others once you understand the available pricing models.
Week 6: First Full Mock and Gap Analysis
Recommended study time: 12 hours
Allocate approximately:
- 2 hours and 10 minutes for the mock
- 3 to 6 hours for detailed review
- Additional time for revisiting weak concepts
Take one complete 65-question mock exam under real exam conditions.
That means:
- No pausing
- No searching online
- No checking notes
- A strict 130-minute limit
Your first mock score is not the most important result.
Your gap map is.
Review Every Uncertain Answer
Review:
- Every incorrect answer
- Every correct answer you were unsure about
- Every question where you guessed between two services
Do not simply read the explanation and continue.
Write down:
- Which service you selected
- Which service was correct
- Why your answer was wrong
- Which clue in the question should have changed your decision
Categorize Each Mistake
1. Concept Gap
You do not properly understand the service.
Action: Read the relevant AWS documentation and create a short summary.
2. Application Gap
You understand the service but selected the wrong solution for the scenario.
Action: Complete more scenario-based questions.
3. Distractor Confusion
Two services appeared equally suitable.
Action: Create a comparison flashcard showing when to use each service.
For example:
CloudFront vs Global Accelerator
SQS vs EventBridge
RDS Multi-AZ vs Read Replica
Secrets Manager vs Parameter Store
Security Groups vs NACLs
Week 7: Weak-Topic Drilling
Recommended study time: 12 hours
Use your gap map from Week 6 to identify your weakest domains.
Complete three or four focused mini-mocks containing approximately 25 questions each.
Avoid repeatedly taking complete mock exams without analyzing your weaknesses. Focused practice usually produces better improvement at this stage.
This is where adaptive practice platforms can be useful. A static question bank presents broadly similar questions to every learner. An adaptive platform can increase the difficulty and frequency of questions from your weakest topics.
Full Disclosure
I run a certification-preparation platform called CertsRise, and this stage of my preparation is one of the reasons I built it.
I became frustrated with static question banks that did not adjust based on my performance.
For adaptive SAA-C03 weak-topic practice, you can explore:
👉 AWS SAA-C03 preparation on CertsRise
The SAA preparation package is available for a one-time payment of $19.
You can also use a static question bank such as Tutorials Dojo. The platform matters less than the method:
Identify your weak areas, practise them deliberately, and review every mistake.
Week 8: Final Mocks, Review, and Rest
Recommended study time: 15 hours, followed by complete rest
Suggested schedule:
| Day | Activity |
|---|---|
| Monday | Take the second full mock |
| Wednesday | Take the third full mock |
| Thursday | Review Wednesday’s incorrect answers |
| Friday | Rest |
| Saturday | Rest |
| Sunday | Light preparation only; confirm exam logistics |
| Monday | Take the exam |
Target Scores
- Second full mock: 78% or higher
- Third full mock: 82% or higher
After the third mock, stop trying to learn large new topics.
Review only:
- Incorrect answers
- Comparison notes
- Important architecture patterns
- Services you consistently confuse
Rest Is Part of the Study Plan
Do not spend the final night cramming.
Sleep supports memory consolidation. Cramming the night before the exam often leaves you both tired and anxious.
Two rested days can help more than another ten hours of unfocused revision.
Exam-Day Tactics
Manage Your Time
You have:
130 minutes ÷ 65 questions = 2 minutes per question
If you have spent more than approximately two and a half minutes on one question, select the best available answer, flag it, and continue.
Use the Review Flag
On your first pass:
- Answer every question
- Flag anything you are not at least 90% confident about
- Avoid spending too long on one scenario
On your second pass:
- Revisit flagged questions
- Look for architecture clues you may have missed
- Change an answer only when you have a specific reason
Read Every Option
AWS distractors are designed to exploit the following pattern:
Recognize a keyword → immediately select the matching service
Do not fall into this trap.
Read all four options before answering, even when the first option looks correct.
Trust Your Initial Reasoning
When you narrow the answer down to two options and still cannot decide, your first reasoned choice is often better than an anxious last-minute change.
Do not change an answer unless you can identify a clear technical reason.
What I Would Do Differently
After completing the exam, I would change three things about my preparation.
1. Spend More Time on Security
I would devote three weeks to security rather than two.
Security questions often combine multiple services, such as:
- IAM
- KMS
- S3 bucket policies
- Organizations
- CloudTrail
- VPC controls
The individual concepts are not always difficult, but the scenarios can be subtle.
2. Avoid Repetitive Mock Banks
I would skip the second Whizlabs question bank.
In my experience, there was significant overlap with the first bank, which reduced its value.
3. Add More Hands-On Practice During Performance Week
Performance concepts become much easier to remember after you have actually:
- Resized an EC2 instance
- Changed an EBS volume
- Configured caching
- Worked with load balancers
- Tested CloudFront behavior
Hands-on experience makes scenario questions more intuitive.
TL;DR
- Eight weeks at approximately ten hours per week can be enough for a full-time professional starting with basic AWS knowledge.
- Start with security, then study resilience, performance, and cost optimization.
- Take your first complete mock in Week 6.
- Convert every mistake into a gap map.
- Spend Week 7 drilling weak topics.
- Use Week 8 for confidence-building mocks and rest.
- Your mock scores during the final two weeks are usually more meaningful than your total number of study hours.
My approximate time allocation was:
| Area | Share of Study Time |
|---|---|
| Security | 25% |
| Resilience | 20% |
| Performance | 20% |
| Cost Optimization | 12% |
| Mocks and Review | 23% |
The core sequence is:
Learn the concepts
→ Take a mock
→ Analyse the gaps
→ Drill weak topics
→ Take confidence mocks
→ Rest
→ Take the exam
Generate a Personalised SAA-C03 Study Plan
For a customised version of this schedule based on your available study hours and target exam date, try the free:
👉 CertsRise AWS Study Plan Generator
It generates a week-by-week schedule based on:
- Your target exam date
- Available study hours per day
- Existing experience level
- Remaining preparation time
It takes around 30 seconds and does not require signup—only an email address.
Questions are welcome in the comments. I read and respond to them.
Top comments (0)