Task Statement 2.1: Design scalable and loosely coupled architectures.
📘AWS Certified Solutions Architect – (SAA-C03)
Before learning the services, you must clearly understand two key terms for the exam:
1️⃣ Scalability
Scalability means a system can handle:
- More users
- More data
- More requests
without crashing or slowing down.
There are two types:
- Vertical scaling – Add more CPU/RAM to one server.
- Horizontal scaling – Add more servers.
In AWS, most managed services are built for automatic horizontal scaling.
2️⃣ Loosely Coupled Architecture
Loosely coupled means:
- Different parts of the system do NOT depend tightly on each other.
- If one component fails, others continue working.
- Components communicate through messages or APIs instead of direct dependency.
This improves:
- Fault tolerance
- Scalability
- Maintainability
The exam frequently tests how to decouple applications using managed services.
2. Why AWS Managed Services Are Important for the Exam
A managed service means:
- AWS handles infrastructure.
- AWS manages scaling.
- AWS manages high availability.
- AWS handles patching and maintenance.
For the SAA-C03 exam:
If the question mentions scalability, high availability, low operational overhead, or serverless design — choose managed services.
3. AWS Transfer Family
What is AWS Transfer Family?
AWS Transfer Family is a fully managed service that enables secure file transfer directly into AWS storage services such as:
- Amazon S3
- Amazon EFS
It supports:
- SFTP
- FTPS
- FTP
Why It Exists
Many organizations still use:
- SFTP clients
- FTP-based systems
- Legacy file transfer systems
Instead of building and managing your own SFTP servers on EC2, AWS Transfer Family:
- Automatically scales
- Is highly available
- Integrates with IAM
- Stores files directly in S3 or EFS
How It Helps in Scalable Architecture
Without Transfer Family:
- You would deploy EC2 servers.
- You must manage scaling.
- You must manage patches.
- You must configure high availability.
With Transfer Family:
- No servers to manage.
- Automatic scaling.
- Built-in availability.
This makes it loosely coupled because:
- File transfer layer is separate.
- Storage layer (S3/EFS) is separate.
- Processing layer (Lambda/EC2) is separate.
Each layer can scale independently.
Exam Use Cases
You should choose AWS Transfer Family when:
- An organization needs secure SFTP access.
- External partners upload files.
- You want to store uploaded files directly in S3.
- You want minimal operational management.
- You need integration with IAM or Active Directory.
4. Amazon SQS (Simple Queue Service)
What is Amazon SQS?
Amazon Simple Queue Service is a fully managed message queue service.
It allows different parts of an application to communicate using messages.
Why Queues Are Important for Loosely Coupled Systems
Without a queue:
- Application A directly calls Application B.
- If B fails → A fails.
- If B is slow → A becomes slow.
With SQS:
- Application A sends a message to a queue.
- Application B reads from the queue.
- If B fails, messages stay in the queue.
- A continues working.
This removes tight dependency.
Key SQS Concepts for the Exam
1️⃣ Standard Queue
- Nearly unlimited throughput.
- At-least-once delivery.
- Messages may be delivered more than once.
- Best for high-scale systems.
2️⃣ FIFO Queue
- First-In-First-Out order guaranteed.
- Exactly-once processing.
- Lower throughput than Standard.
- Used when order matters.
Exam Tip:
If the question mentions order must be preserved, choose FIFO.
Important SQS Features
- Dead Letter Queue (DLQ): Stores failed messages for debugging.
- Visibility Timeout: Prevents multiple consumers from processing the same message at the same time.
- Long Polling: Reduces empty responses and cost.
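Added example (not part of the original guide): an in-memory model of the Standard-queue behaviour described above, showing visibility timeout, redrive to a dead-letter queue after a maximum receive count, and an idempotent consumer that tolerates duplicate delivery. `MiniQueue`, `max_receive_count` as a constructor argument, and the sample messages are constructed for illustration; this is not the SQS API.

```python
# In-memory model of the queue behaviour above (illustration only, not the AWS SDK).
class MiniQueue:
    def __init__(self, visibility_timeout=30, max_receive_count=3):
        self.visibility_timeout = visibility_timeout
        self.max_receive_count = max_receive_count
        self.dlq = []        # dead-letter queue: bodies that kept failing
        self.messages = {}   # id -> {"body", "visible_at", "receives"}
        self.next_id = 0

    def send(self, body):
        self.next_id += 1
        self.messages[self.next_id] = {"body": body, "visible_at": 0, "receives": 0}
        return self.next_id

    def receive(self, now):
        """Return (id, body) for one visible message, or None."""
        for mid, m in list(self.messages.items()):
            if m["visible_at"] > now:
                continue     # in flight: hidden from other consumers
            if m["receives"] >= self.max_receive_count:
                self.dlq.append(self.messages.pop(mid)["body"])   # redrive
                continue
            m["receives"] += 1
            m["visible_at"] = now + self.visibility_timeout
            return mid, m["body"]
        return None

    def delete(self, mid):
        self.messages.pop(mid, None)   # acknowledge successful processing

def demo():
    q, charged, seen = MiniQueue(), [], set()
    # Constructed messages: order 1 arrives twice (duplicate delivery),
    # order 2 is a poison message that always fails.
    for body in ({"order_id": 1, "amount": 10}, {"order_id": 1, "amount": 10},
                 {"order_id": 2, "amount": -5}):
        q.send(body)
    for now in range(0, 300, q.visibility_timeout):   # one poll per timeout window
        got = q.receive(now)
        if got is None:
            continue
        mid, body = got
        if body["amount"] < 0:
            continue                   # failure: no delete, message reappears later
        if body["order_id"] not in seen:   # idempotent consumer
            charged.append(body["order_id"])
            seen.add(body["order_id"])
        q.delete(mid)
    return charged, q.dlq, len(q.messages)
```

The duplicate of order 1 is acknowledged without being charged again, and the poison message lands in the DLQ after three failed receives instead of blocking the queue.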
How SQS Improves Scalability
- Producers and consumers scale independently.
- EC2 instances can increase or decrease automatically.
- Lambda functions can scale automatically when reading from SQS.
- If traffic increases, messages accumulate in the queue.
- Consumers scale based on queue depth.
This is a key SAA-C03 concept.
Exam Use Cases for SQS
Choose SQS when:
- You need to decouple microservices.
- You need buffering during traffic spikes.
- One system processes data slower than another.
- You want fault tolerance between components.
- You need asynchronous communication.
5. AWS Secrets Manager
What is AWS Secrets Manager?
AWS Secrets Manager is a managed service that securely stores and rotates secrets.
Secrets include:
- Database passwords
- API keys
- Access tokens
- Encryption keys
Why Secrets Manager Is Important
Hardcoding secrets inside:
- Application code
- Configuration files
- EC2 instances
is a security risk.
Secrets Manager provides:
- Encrypted storage (using KMS)
- Automatic rotation
- Fine-grained access control via IAM
- Audit logging with CloudTrail
How It Supports Loosely Coupled Architecture
Without Secrets Manager:
- Each application stores credentials locally.
- Changing passwords requires redeploying applications.
With Secrets Manager:
- Applications retrieve secrets dynamically.
- Secret updates do not require code changes.
- Multiple services can securely share credentials.
This removes tight dependency on hardcoded values.
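Added example (not part of the original guide): one way an application can retrieve a secret at run time and keep working across a rotation without a redeploy. `get_secret_value(SecretId=...)` and the `SecretString` field are the real boto3 Secrets Manager call; `SecretCache`, `connect_with_retry`, the stub client, the secret name `prod/app/db` and the JSON layout with `username`/`password` keys are assumptions made for the example.

```python
import json, time

class SecretCache:
    """Fetch a secret at run time and cache it briefly, so rotation needs no redeploy."""
    def __init__(self, client, secret_id, ttl_seconds=300, clock=time.monotonic):
        self.client, self.secret_id = client, secret_id
        self.ttl, self.clock = ttl_seconds, clock
        self._value, self._fetched_at = None, None

    def get(self, force_refresh=False):
        expired = self._fetched_at is None or self.clock() - self._fetched_at >= self.ttl
        if force_refresh or expired:
            resp = self.client.get_secret_value(SecretId=self.secret_id)
            self._value = json.loads(resp["SecretString"])
            self._fetched_at = self.clock()
        return self._value

def connect_with_retry(cache, connect):
    """Try cached credentials; on an auth failure (e.g. just rotated) refetch once."""
    try:
        return connect(cache.get())
    except PermissionError:
        return connect(cache.get(force_refresh=True))

class StubSecretsClient:
    """Constructed stand-in for boto3.client("secretsmanager") so this runs offline."""
    def __init__(self, password):
        self.password, self.calls = password, 0
    def get_secret_value(self, SecretId):
        self.calls += 1
        return {"SecretString": json.dumps({"username": "app", "password": self.password})}

def demo():
    stub = StubSecretsClient("old-pass")         # placeholder values, not real credentials
    cache = SecretCache(stub, "prod/app/db", ttl_seconds=300)
    def connect(creds):                          # hypothetical database connect
        if creds["password"] != stub.password:
            raise PermissionError("authentication failed")
        return "connected as " + creds["username"]
    first = connect_with_retry(cache, connect)
    stub.password = "new-pass"                   # rotation happens in Secrets Manager
    second = connect_with_retry(cache, connect)  # stale cache -> refetch -> success
    return first, second, stub.calls
```

In production the stub is replaced by `boto3.client("secretsmanager")`, and the role running the code needs `secretsmanager:GetSecretValue` on that one secret only.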
Key Exam Features
1️⃣ Automatic Rotation
- Automatically changes database passwords.
- Reduces manual security risks.
2️⃣ IAM Integration
- Control which services can access which secrets.
3️⃣ Encryption
- Uses AWS KMS for encryption at rest.
When to Choose Secrets Manager in Exam Questions
Choose it when:
- You need automatic credential rotation.
- You must securely store API keys.
- You want centralized secret management.
- You need auditability.
- Applications should not store passwords in code.
6. Comparing the Services for the Exam
| Service | Purpose | Helps With | Common Exam Scenario |
|---|---|---|---|
| AWS Transfer Family | Secure file transfer | Managed SFTP/FTP | External file uploads to S3 |
| Amazon SQS | Message queue | Decoupling services | Asynchronous processing |
| AWS Secrets Manager | Secure secret storage | Security & rotation | Storing DB passwords |
7. Architecture Pattern for the Exam
You may see a scenario like this:
- External system uploads file → Transfer Family
- File stored in S3
- S3 triggers Lambda
- Lambda sends message to SQS
- EC2 processes messages
- EC2 retrieves DB password from Secrets Manager
This design is:
- Scalable
- Loosely coupled
- Secure
- Managed
8. Key Exam Keywords to Watch
If you see these phrases, think of the correct service:
| Keyword in Question | Likely Service |
|---|---|
| Decouple components | SQS |
| Asynchronous processing | SQS |
| Order must be preserved | SQS FIFO |
| Secure SFTP access | Transfer Family |
| Minimal operational overhead | Managed services |
| Store API keys securely | Secrets Manager |
| Automatic credential rotation | Secrets Manager |
9. Common Exam Traps
❌ Storing secrets in EC2 environment variables manually
✔ Use Secrets Manager
❌ Building custom SFTP server on EC2
✔ Use AWS Transfer Family
❌ Direct service-to-service communication for heavy workloads
✔ Use SQS to decouple
10. Final Exam Strategy
For SAA-C03:
When designing scalable and loosely coupled architectures:
- Prefer managed services.
- Remove direct dependencies.
- Use queues for decoupling.
- Use managed file transfer for legacy integration.
- Use managed secret storage instead of hardcoding credentials.
- Ensure services scale independently.
Final Summary
To pass this section of the exam, remember:
- Scalable = can handle growth automatically
- Loosely coupled = components do not depend tightly on each other
- AWS Transfer Family = managed secure file transfer
- Amazon SQS = decouple systems using message queues
- AWS Secrets Manager = secure and rotate credentials
If a question asks for:
- Reduced operational overhead → choose managed services.
- High availability → choose AWS-managed services.
- Secure credential storage → choose Secrets Manager.
- Asynchronous communication → choose SQS.
- Secure file transfer to S3 → choose Transfer Family.
