AWS · SOA-C03

Operational Excellence — AWS SysOps Administrator (SOA-C03)

2%of exam questions (4 of 200)

Four Tools, Four Different Operational Questions Answered

Requirement: full operational visibility across a production workload — infrastructure behavior, API activity, service traces, and configuration drift. Competing tools: CloudWatch, CloudTrail, X-Ray, Config. Each answers a different question. CloudWatch answers what is happening now. CloudTrail answers who did what and when. X-Ray answers where in the request path did this fail. Config answers whether this resource has drifted from its desired state. Misassigning a tool means misreading the scenario's actual observability gap.

What This Pattern Tests

The exam describes an operational challenge and tests whether you apply automation over manual intervention. CloudFormation and CDK make deployments repeatable and auditable. Systems Manager provides patch management via Patch Manager, parameter store for configuration, and runbook automation via SSM Automation documents across EC2 fleets. For DevOps-focused exams like DOP-C02, CodePipeline orchestrates CI/CD with approval gates, while Config rules detect drift and trigger SSM remediation. For data engineering exams like DEA-C01, Glue workflows and Step Functions orchestrate ETL pipelines with error handling and retry logic. CloudWatch composite alarms combine multiple metrics into single operational alerts. The trap is recommending manual processes — SSH into servers, manually apply patches, or hand-edit Glue job configurations.

Decision Axis

Reactive manual intervention vs. proactive automation. The exam always prefers automation that is auditable and repeatable.

Associated Traps

Observability Blind Spot (4)CloudWatch metrics show Lambda is healthy — but X-Ray reveals a 3-second DynamoDB bottleneck hiding inside a 5-second response.

More Top Traps on This Exam

Near-Right Architecture · 24%CloudFront + ALB or Global Accelerator + NLB? Both cut latency — only one preserves client IPs over TCP.Operational Complexity Underestimation · 21%Self-managed Kubernetes on EC2 — a full-time job disguised as a deployment strategy.

Decision Rules

Whether to create a CloudWatch Logs metric filter with pattern matching on userIdentity.type = Root against the existing log group — emitting a custom metric consumed by a CloudWatch alarm — or enable a separate detection service such as GuardDuty or AWS Config that introduces additional latency and cost beyond what the already-delivered log stream requires.

Amazon CloudWatch LogsAmazon CloudWatchAWS CloudTrail

Domain Coverage

Monitoring, Logging, Analysis, Remediation, and Performance Optimization

Difficulty Breakdown

Medium: 4

Build recognition speed →

See all SOA-C03 patterns →