Domain 1 · 26% of Exam

Design Solutions for Organizational Complexity

Domain 1 validates enterprise-scale architecture across multiple accounts, networks, governance boundaries, security controls, reliability, and cost visibility.

What You'll Be Tested On

  • Designing multi-account environments with AWS Organizations, Control Tower, SCPs, and delegated administration
  • Architecting hybrid and multi-VPC network connectivity with Transit Gateway, Direct Connect, VPN, Route 53 Resolver, and VPC endpoints
  • Prescribing security controls across accounts, identities, networks, encryption, logging, and audit evidence
  • Designing resilient architectures that reduce blast radius and meet enterprise availability requirements
  • Determining cost allocation, visibility, and governance strategies for complex organizations

Key AWS Services in This Domain

ORGOrganizationsCTControl TowerIAMIAMIDCIAM Identity CenterNETNetworkingTGWTransit GatewayDXDirect ConnectSECSecurity & ComplianceCOSTCost Optimization

Exam Tips for Domain 1

💡

For large organizations, think in account boundaries, OU structure, centralized controls, and delegated ownership.

💡

Transit Gateway is the usual answer for scalable hub-and-spoke VPC and hybrid connectivity.

💡

SCPs set permission guardrails; they do not grant permissions by themselves.

💡

Cost visibility often requires tagging, cost allocation reports, consolidated billing, and account-level separation.

Practice Domain 1 Questions

Test your knowledge of Design Solutions for Organizational Complexity with practice questions from our SAP-C02 question bank.

Start Practice Quiz →

Other SAP-C02 Domains

Domain 2Design for New Solutions29%Domain 3Continuous Improvement for Existing Solutions25%Domain 4Accelerate Workload Migration and Modernization20%
← SAP-C02 Study HubFree Mock Exam30-Day Study Plan