SAA-C03 Exam Dumps : AWS Certified Solutions Architect - Associate (SAA-C03)

The correct answers are A, B, and C because the company needs to handle a sharp increase in read traffic , maintain high availability , and avoid application changes . These three options improve scaling at different layers of the architecture while remaining aligned with the current application design.

A. Amazon CloudFront helps reduce load on the web tier by caching content closer to users at edge locations. This improves responsiveness and reduces the number of requests that must reach the origin web servers during the marketing event. It is a common way to scale web traffic without changing the application.

B. Auto Scaling for the application layer is also appropriate because the application layer is already described as stateless and supports automatic scaling. Adding or removing EC2 instances based on demand helps the application remain responsive under high load.

C. Amazon Aurora with Aurora Replicas and Aurora Auto Scaling is the best way to scale the relational database layer for read-heavy workloads. Aurora Replicas can offload read traffic from the writer instance, and Aurora Auto Scaling can automatically adjust replica capacity based on demand. This preserves the relational architecture while improving read scalability and availability.

Option D can reduce database read pressure, but adding ElastiCache effectively requires the application to use the cache, which conflicts with the requirement to avoid modifying the application. Option E is incorrect because replacing the ALB with an NLB does not solve the application’s scaling or read-traffic bottlenecks. Option F is incorrect because migrating from a relational database to DynamoDB would require a major redesign.

So the best combination is CloudFront , Auto Scaling for the stateless application tier , and Aurora with read scaling features .

AWS Certificate Manager (ACM) issues and automatically renews public TLS certificates used by Amazon CloudFront. With DNS validation, ACM creates CNAME records that prove domain control; once validated, renewals occur automatically without manual approval, providing the lowest operational effort. For CloudFront, ACM certificates must be in the US East (N. Virginia) Region. CloudFront security policies (A) configure protocol/cipher requirements, not certificate issuance. OAC (B) secures origin access and is unrelated to certificate management. Email validation (D) requires mailbox approvals and operational handling at issuance/renewal, which is less efficient than DNS validation. Thus, ACM with DNS validation delivers automated creation and renewal with minimal overhead.

The application requires independent scaling, ordered asynchronous processing, and relational data storage. Option A provides a microservices-oriented, decoupled architecture using managed services.

Amazon ECS with AWS Fargate enables containerized workloads without server management and allows each component to scale independently. Amazon RDS supports relational data storage for user profiles and content. Amazon SQS ensures reliable, ordered message processing and decouples long-running background tasks, allowing services to evolve independently.

Option B uses SNS, which does not guarantee message ordering. Option C uses DynamoDB, which does not meet the relational data requirement. Option D offers less granular scaling and higher coupling.

Therefore, A best meets scalability, resilience, and modularity requirements.