🔔 Amazon EventBridge - SOA-C03 Practice Questions

Use EventBridge rules, schedules, event patterns, and integrations to automate operational responses and connect AWS services.

21Questions Available
2Exam Domains

Practice EventBridge Questions Now

Start a timed practice session focusing on Amazon EventBridge topics from the SOA-C03 question bank.

Start SOA-C03 Practice Quiz →

SOA-C03 EventBridge Question Bank (21 Questions)

Browse all 21 practice questions covering Amazon EventBridge for the SOA-C03 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Monitoring, Logging & Remediation

    A company discovers that their EventBridge rules are failing to invoke a target Lambda function. The events are being published to a custom event bus, but the Lambda function is not being triggered. The Lambda function's resource-based policy only allows invocations from the default event bus. What is the root cause?

    ACustom event buses cannot invoke Lambda functions; only the default event bus supports Lambda targets.
    BThe Lambda function's resource-based policy must explicitly grant permission to the custom event bus to invoke it.
    CEventBridge custom event buses require a dead-letter queue to be configured before targets can be invoked.
    DThe events must include a `DetailType` field matching the Lambda function name.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  2. Question 2Monitoring, Logging & Remediation

    A SysOps administrator has configured an EventBridge archive that stores events matching a specific pattern from the last 30 days. During an incident review, the team needs to replay events from a specific 2-hour window three days ago to a different target event bus used for testing. Which statement about EventBridge replay is correct?

    AReplays can only target the same event bus from which the events were originally archived
    BReplays deliver events to the destination event bus using the original event time, and all rules on the destination bus will evaluate the replayed events
    CReplayed events are delivered with updated timestamps matching the replay execution time, not the original event time
    DA replay can only process the entire archive; there is no way to specify a time-based subset of events

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  3. Question 3Monitoring, Logging & Remediation

    A company uses Amazon EventBridge to route events from multiple AWS services to various targets. A SysOps administrator notices that some events from AWS Health are not reaching the intended Lambda function target. The administrator confirms the EventBridge rule pattern is correct. What should the administrator check next?

    AVerify that the Lambda function's resource-based policy allows `events.amazonaws.com` to invoke it.
    BVerify that the EventBridge rule is in the same Region where the AWS Health events are generated.
    CVerify that the Lambda function's execution role has permissions to read from EventBridge.
    DVerify that CloudTrail is enabled in the Region to capture EventBridge events.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  4. Question 4Monitoring, Logging & Remediation

    A company uses Amazon EventBridge to route application events to various targets. During a recent deployment, a rule was misconfigured and critical events were lost. The operations team needs the ability to replay those events for reprocessing. What should the administrator have configured BEFORE the incident?

    AEnable EventBridge Schema Registry to capture all event schemas
    BCreate an EventBridge archive on the event bus with an event pattern matching critical events
    CConfigure a dead-letter queue on the EventBridge rule target
    DEnable CloudTrail data events for EventBridge to log all published events

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  5. Question 5Monitoring, Logging & Remediation

    An administrator creates an EventBridge rule to capture EC2 instance state-change notifications and trigger a Lambda function when any instance enters the "stopped" state. The rule is not triggering. The event pattern is shown below: ```json { "source": ["aws.ec2"], "detail-type": ["EC2 Instance State-change Notification"], "detail": { "state": ["Stopped"] } } ``` What is the cause of the issue?

    AThe event pattern is missing the `region` field
    BThe `state` value should be lowercase `stopped` because EventBridge event fields are case-sensitive
    CThe `detail-type` should be `EC2 Instance State Change`
    DEventBridge cannot directly capture EC2 state change events; CloudTrail must be enabled first

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  6. Question 6Monitoring, Logging & Remediation

    An EventBridge rule must trigger only when an S3 bucket's ACL is changed to grant public access. The event pattern must match the PutBucketAcl API call and the specific request parameter. Which event pattern field structure should the administrator use?

    AMatch `source: aws.s3`, `detail-type: AWS API Call via CloudTrail`, `detail.eventName: PutBucketAcl`, and use a content filter on `detail.requestParameters.x-amz-acl` with a prefix match of `public`
    BMatch `source: aws.s3`, `detail-type: Object ACL Changed`, and filter `detail.publicAccess: true`
    CMatch `source: aws.s3`, `detail-type: Bucket ACL Update`, `detail.accessLevel: public`
    DMatch `source: aws.config`, `detail-type: Config Rules Compliance Change`, and filter for the `s3-bucket-public-read-prohibited` rule

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  7. Question 7Monitoring, Logging & Remediation

    An administrator sets up an EventBridge rule with the following event pattern to capture IAM policy changes: ```json { "source": ["aws.iam"], "detail-type": ["AWS API Call via CloudTrail"], "detail": { "eventName": [{ "prefix": "Put" }, { "prefix": "Delete" }, { "prefix": "Attach" }, { "prefix": "Detach" }] } } ``` The rule is triggering for events such as `PutObject` from S3. What is the problem?

    AThe prefix matching on `eventName` matches across all AWS services, not just IAM; the administrator should add a filter on `detail.eventSource` equal to `iam.amazonaws.com`
    BThe `source` field for IAM events should be `aws.cloudtrail` instead of `aws.iam`
    CEventBridge does not support prefix matching on the `eventName` field
    DThe rule should use `detail.userIdentity.type` to scope events to IAM operations

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  8. Question 8Monitoring, Logging, and Remediation

    A SysOps administrator uses Amazon EventBridge to automate responses to CloudWatch alarms. An alarm triggers but the EventBridge target (Lambda) is not invoked. What should they check?

    AThe Lambda function's VPC configuration
    BThe EventBridge rule's event pattern matches the CloudWatch alarm state change event, and the Lambda resource policy allows EventBridge to invoke it
    CCloudTrail data events for Lambda
    DThe CloudWatch alarm's SNS subscription

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  9. Question 9Monitoring, Logging & Remediation

    An operations team needs CloudTrail to detect when an IAM user creates access keys for another user, specifically when `CreateAccessKey` is called by one principal for a different user. The event should trigger an EventBridge rule. How should the administrator distinguish this from a user creating keys for themselves?

    AEnable CloudTrail Insights and filter for unusual `CreateAccessKey` activity patterns.
    BCreate an EventBridge rule that matches CloudTrail events where `eventName` is `CreateAccessKey` and uses an input transformer to compare the `userIdentity.arn` with the `requestParameters.userName`.
    CUse a CloudWatch Logs metric filter on the CloudTrail log group that extracts both the caller identity and target username, then alarm when they differ.
    DConfigure an AWS Config custom rule that evaluates IAM key creation events.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  10. Question 10Monitoring, Logging & Remediation

    A SysOps administrator is configuring Amazon EventBridge to trigger a Lambda function whenever an IAM policy is changed. The rule has been created but the Lambda function is not being invoked. Which of the following is the MOST LIKELY cause?

    AThe EventBridge rule's event pattern does not match the IAM API calls
    BCloudTrail is not enabled in the region where the EventBridge rule was created
    CThe Lambda function does not have a resource-based policy allowing EventBridge to invoke it
    DThe IAM role attached to EventBridge does not have permission to invoke Lambda

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  11. Question 11Deployment, Provisioning & Automation

    A company uses EC2 Image Builder with a pipeline triggered on a weekly schedule. The pipeline builds an AMI and distributes it to three target Regions. Last week, the AMI was built successfully but distribution to one Region failed. What is the MOST likely cause?

    AThe Image Builder service-linked role does not have `ec2:CopyImage` permissions in the target Region
    BThe target Region has an opt-in status that is not enabled for the account, or the distribution configuration's target account does not have the necessary permissions
    CEC2 Image Builder does not support cross-Region distribution; a separate pipeline is needed per Region
    DThe weekly schedule caused a timeout before distribution could complete

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  12. Question 12Monitoring, Logging & Remediation

    A company has configured AWS Health Dashboard notifications. The operations team wants to automatically create Jira tickets when AWS posts a scheduled maintenance event affecting their EC2 instances. Which approach should the administrator implement?

    ASubscribe to the AWS Health RSS feed and use a polling script to detect new events
    BCreate an EventBridge rule matching AWS Health events for EC2 scheduled maintenance and target a Lambda function that creates Jira tickets via API
    CConfigure SNS topic subscriptions with email notifications and have the team manually create tickets
    DUse CloudWatch alarms on the `StatusCheckFailed_System` metric to trigger a Lambda function

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  13. Question 13Monitoring, Logging & Remediation

    A development team wants to decouple their microservices so that a change notification from the Order Service is received only by the Inventory Service and Shipping Service, while a different notification from the Payment Service is received only by the Accounting Service. All services are in the same AWS account. Which EventBridge configuration provides this routing with the LEAST operational overhead?

    ACreate a single default event bus with separate rules that match event source patterns and route to the appropriate Lambda targets.
    BCreate a custom event bus per microservice (Order, Payment) and configure rules on each bus to route events to the correct consumer targets.
    CUse a single SNS topic with subscription filter policies per consuming service.
    DCreate one SQS queue per consuming service and have each producing service publish messages directly to the correct queues.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  14. Question 14Select All That ApplyMonitoring, Logging & Remediation

    An on-call engineer receives an AWS Health notification that a hardware degradation event is scheduled for one of their EC2 instances in 14 days. They need to determine the recommended remediation action and whether any other instances in the account are also affected. Which steps should the engineer take? (Select TWO.)

    ACheck the AWS Personal Health Dashboard (AWS Health Dashboard — Your account) to see the affected resources and AWS-recommended actions for the specific event.
    BCheck the AWS Service Health Dashboard to see if there is a region-wide outage affecting the instance's Availability Zone.
    CUse the AWS Health API or EventBridge integration to programmatically list all resources affected by the same event ID.
    DRun an Amazon Inspector assessment on the instance to check for hardware-related vulnerabilities.
    ECheck AWS Trusted Advisor for the "Amazon EC2 Scheduled Maintenance" check.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  15. Question 15Monitoring, Logging & Remediation

    A SysOps Administrator wants to use Amazon EventBridge to route EC2 instance state-change events to a Lambda function but needs to transform the event payload before delivery. The Lambda function expects a simplified JSON structure containing only the instance ID, state, and timestamp. Which EventBridge feature should the administrator use?

    AConfigure an EventBridge rule with an input transformer that defines an input path to extract the fields and an input template to format the output.
    BConfigure the EventBridge rule to route to an SQS queue, then have a second Lambda function read from the queue and transform the payload.
    CAdd a Lambda layer to the target function that strips unwanted fields from the event before the handler processes it.
    DUse EventBridge Schema Registry to define the simplified schema and enable automatic payload conversion.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  16. Question 16Monitoring, Logging & Remediation

    A company uses a third-party SaaS monitoring tool that natively integrates with Amazon EventBridge as a partner event source. The SysOps Administrator wants to receive events from this SaaS tool and route critical alerts to an SNS topic while archiving all events to an S3 bucket. Which steps should the administrator take?

    ACreate a custom event bus, manually configure the SaaS tool to send webhook events to an API Gateway that puts events on the custom bus, and add rules for SNS and S3.
    BAccept the partner event source in the EventBridge console to create the associated partner event bus. Create one rule on the partner event bus that routes critical alerts to SNS and a second rule that sends all events to a Kinesis Data Firehose delivery stream for S3 archival.
    CConfigure the SaaS tool to publish directly to an SNS topic, then subscribe a Lambda function to archive events in S3.
    DCreate a partner event bus and add a single rule with two targets — one for SNS and one for S3 — using the same event pattern that matches all events.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  17. Question 17Reliability & Business Continuity

    A SysOps Administrator manages an Auto Scaling group (ASG) with a target tracking scaling policy that targets 60% average CPU utilization. After a scale-out event adds instances, the ASG immediately scales in before the new instances have finished warming up, causing a flapping pattern. Which configuration should the administrator adjust?

    AIncrease the health check grace period on the ASG.
    BIncrease the default cooldown period or configure a scale-in specific cooldown that is longer than the instance warm-up time.
    CDisable the scale-in policy entirely and only use scheduled scaling.
    DReduce the target CPU utilization from 60% to 40%.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  18. Question 18Deployment, Provisioning & Automation

    A SysOps Administrator needs to deploy the same CloudFormation stack across 15 accounts in an AWS Organization. The stack provisions a Config rule and an S3 bucket. The administrator wants a single deployment action that targets all accounts without logging into each one. Which approach should be used?

    ACloudFormation StackSets with service-managed permissions, deploying to the organization root or specific OUs.
    BA CodePipeline that runs 15 parallel `aws cloudformation deploy` commands, one per account.
    CShare the template via Service Catalog and require each account to launch the product manually.
    DCreate an SSM Automation document that assumes a role in each account and creates the stack.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  19. Question 19Select All That ApplySecurity & Compliance

    A SysOps administrator discovers that a KMS customer-managed key used for encrypting sensitive data was scheduled for deletion with the minimum 7-day waiting period. The team needs to implement preventive measures to avoid this in the future. (Select TWO.)

    ACreate a CloudWatch alarm on the KMS `KeyDeletion` CloudTrail event and configure an EventBridge rule to trigger a Lambda function that cancels the key deletion
    BApply an SCP that denies `kms:ScheduleKeyDeletion` for all principals except a specific break-glass role
    CEnable KMS key auto-recovery, which automatically cancels scheduled deletions after 48 hours
    DSet the minimum deletion waiting period to 30 days using a KMS key policy condition
    EUse AWS Config rule `kms-key-deletion-disabled` to prevent key deletion scheduling

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  20. Question 20Monitoring, Logging & Remediation

    A company recently adopted EventBridge for event-driven workflows. During a recent deployment, a critical event was published but the downstream Lambda consumer had a bug that discarded the event. The team wants the ability to replay this specific event to reprocess it. What should the administrator configure BEFORE such incidents occur?

    AEnable EventBridge dead-letter queues on all rules to capture failed event deliveries
    BCreate an EventBridge archive on the event bus with an event pattern matching the critical events, then use the replay feature to reprocess events from the archive
    CConfigure the Lambda function's asynchronous invocation settings with a maximum retry count and an on-failure destination
    DEnable CloudTrail data events for EventBridge to log all published events, then manually reconstruct and republish lost events

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  21. Question 21Deployment, Provisioning, and Automation

    A SysOps administrator uses Elastic Beanstalk and wants to customize the number of instances in the environment based on scheduled events. Which feature enables scheduled scaling?

    AElastic Beanstalk scaling triggers (CPU-based)
    BElastic Beanstalk scheduled actions for Auto Scaling
    CCloudWatch Events → Lambda → Elastic Beanstalk API
    DElastic Beanstalk does not support scheduled scaling

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz

Key EventBridge Concepts for SOA-C03

eventbridgeevent busevent patternruleschedulecrontargetevent

SOA-C03 EventBridge Exam Tips

Amazon EventBridge questions in SOA-C03 are typically scenario-based. Focus on operations, observability, incident response, and automated remediation. Priority concepts: eventbridge, event bus, event pattern, rule, schedule, cron.

What SOA-C03 Expects

  • Anchor your answer in prioritize operational visibility and repeatable runbook-ready automation.
  • EventBridge scenarios for SOA-C03 are frequently mapped to Domain 1 (22%), Domain 3 (22%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where EventBridge interacts with IAM, networking, storage, or observability patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value EventBridge Concepts

  • Know the core EventBridge building blocks cold: eventbridge, event bus, event pattern, rule.
  • Review the edge-case features and limits for schedule, cron; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how EventBridge pairs with CloudWatch, Systems Manager, Lambda, SNS in real deployment patterns.
  • For SOA-C03, explain why the chosen EventBridge design meets reliability, security, and cost expectations better than the alternatives.

Common SOA-C03 Traps

  • Watch for answers that deploy quickly but are hard to monitor or recover.
  • Questions in Monitoring, Logging, Analysis, Remediation, and Performance Optimization often include distractors that look correct for EventBridge but violate least-privilege, durability, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two EventBridge implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Monitoring, Logging, Analysis, Remediation, and Performance Optimization (22%) outcomes for SOA-C03?
  • Can you explain security and access boundaries for EventBridge without relying on default-open assumptions?
  • Can you describe how EventBridge integrates with CloudWatch and Systems Manager during failure, scaling, and monitoring events?

Exam Domains Covering EventBridge

Domain 1Monitoring, Logging, Analysis, Remediation, and Performance Optimization22%Domain 3Deployment, Provisioning, and Automation22%

Related Resources

🎯 Free SOA-C03 Mock Exam CloudWatch Questions Systems Manager Questions Lambda Questions SNS Questions

More SOA-C03 Study Resources

← SOA-C03 Study Hub30-Day Study PlanFull Practice Exam