AWS · SAP-C02

Cost Blind Spot — AWS Solutions Architect Pro (SAP-C02)

The architecturally correct answer was also the most expensive. The exam wanted the cost-optimized option that still meets requirements.

Savings Plans Cover the Floor; Lambda Covers the Spike

A fleet of EC2 workers provisioned for peak demand sits idle between jobs, burning Reserved Instance or Savings Plan spend on unused capacity. When the scenario describes workloads as 'spiky,' 'event-driven,' or 'idle between batch runs,' an always-on fleet with commitment pricing is more expensive than scale-to-zero alternatives. Lambda and Fargate handle irregular demand without paying for idle time. Savings Plans are correct for predictable baseline load; scale-to-zero is correct for variable peaks. Applying commitment pricing to the entire workload without separating baseline from variable demand produces an architecturally sound but economically incorrect answer.

17%of exam questions affected (33 of 200)

The Scenario

The question describes a video transcoding pipeline processing uploaded files — fault-tolerant, no user-facing latency requirements, files reprocessable on failure. You choose a Multi-AZ ECS cluster with On-Demand Fargate tasks and auto-scaling. The correct answer uses EC2 Spot Instances in an Auto Scaling group with a Spot Fleet diversified across instance types and AZs. Same throughput, 60-90% less cost. The workload is explicitly fault-tolerant (files can be reprocessed), which is the textbook Spot qualification. The exam said "most cost-effective" and you optimized for availability that the scenario never required.

How to Spot It

  • When the question says "cost-effective" or "minimize cost," check whether the workload is fault-tolerant. Batch processing, media transcoding, CI/CD builds, data analysis, and any workload with "reprocessable on failure" are Spot Instance candidates. Spot saves 60-90% over On-Demand.
  • Multi-AZ deployments, provisioned IOPS, and dedicated hosts all add cost. If the scenario does not mention an SLA, uptime requirement, or "highly available," these features are cost traps the exam uses to test whether you add unnecessary resilience.
  • S3 Intelligent-Tiering adds a $0.0025/1000 objects monitoring fee. For billions of small objects, that monitoring fee exceeds the storage savings. The exam tests whether you know when Intelligent-Tiering costs more than just picking the right tier manually.

Decision Rules

Whether to use native AWS Config auto-remediation actions backed by AWS-managed SSM Automation runbooks versus a custom EventBridge-to-Lambda remediation pipeline, when the binding constraint is eliminating new Lambda function ownership and minimizing ongoing operational overhead across a multi-account organization.

AWS ConfigAWS Systems ManagerAmazon EventBridge

Whether ECS on Fargate or an EKS variant better satisfies a scenario where the team lacks Kubernetes expertise and the dominant constraints are eliminating patching overhead and minimizing orchestration cost — ECS on Fargate wins because it carries no control-plane fee and zero node OS lifecycle obligations, while every EKS option incurs the $0.10/hr control-plane charge and/or Kubernetes operational complexity the scenario explicitly rules out.

Amazon Elastic Container Service (Amazon ECS)AWS FargateAmazon Elastic Kubernetes Service (Amazon EKS)

Determine whether the stated RPO/RTO pair (4 h / 2 h) requires the continuous-replication cost of Aurora Global Database or cross-Region read replicas, or whether automated cross-Region backup copies via AWS Backup combined with Aurora PITR fully satisfies both targets at backup-restore tier pricing.

AWS BackupAmazon AuroraAmazon S3

Whether to apply a uniform rehost strategy across all workloads for speed or to differentiate strategies per workload class—specifically replatforming the Oracle EE database to Aurora PostgreSQL to eliminate ongoing Oracle license costs while rehosting the stateless web tier—so that the explicit 30 percent TCO reduction target is actually achieved rather than preserved unchanged on AWS.

AWS Application Discovery ServiceAWS Migration HubAWS Schema Conversion Tool (AWS SCT)

Whether RPO < 1 hour and RTO < 4 hours mandates always-on cross-Region replication or is fully satisfied by multi-AZ Aurora with automated AWS Backup snapshots and Route 53 health-check failover.

Amazon AuroraAWS BackupAmazon Route 53

Warm standby (Aurora Global Database + AWS Elastic Disaster Recovery + Route 53 health checks) is the minimum sufficient DR tier for RTO < 15 minutes and RPO < 1 minute; multi-site active/active satisfies the same thresholds at materially higher continuous cost with no additional constraint benefit, making it an unjustified over-provision under an explicit cost constraint.

Amazon Route 53Amazon AuroraAWS Elastic Disaster Recovery

Whether to deploy AWS Network Firewall in a single centralized inspection VPC governed by Firewall Manager versus replicating independent Network Firewall instances per member account — the central hub model satisfies both the policy-drift and cost constraints; per-account replication satisfies inspection coverage but fails on multiplicative endpoint cost and relies on after-the-fact drift detection rather than proactive enforcement.

AWS Network FirewallAWS Firewall ManagerAWS WAF

Domain Coverage

Design Solutions for Organizational ComplexityDesign for New SolutionsContinuous Improvement for Existing SolutionsAccelerate Workload Migration and Modernization

Difficulty Breakdown

Hard: 23Medium: 10

Related Patterns

Migration Assessment And Workload Selection4% of examMulti-Az And Data Durability Design3% of examMulti-Region Failover Architecture3% of exam
Start training this trap →

See all SAP-C02 traps →