Amazon Exam DOP-C02 Topic 4 Question 30 Discussion

Actual exam question for Amazon's DOP-C02 exam
Question #: 30
Topic #: 4

An IT team has built an AWS CloudFormation template so others in the company can quickly and reliably deploy and terminate an application. The template creates an Amazon EC2 instance with a user data script to install the application and an Amazon S3 bucket that the application uses to serve static webpages while it is running.

All resources should be removed when the CloudFormation stack is deleted. However, the team observes that CloudFormation reports an error during stack deletion, and the S3 bucket created by the stack is not deleted.

How can the team resolve the error in the MOST efficient manner to ensure that all resources are deleted without errors?

Suggested Answer: B, E

You need to understand how SCP inheritance works in AWS. The way it works for Deny policies is different than for Allow policies.

Allow policies are passed down to children ONLY if they don't have an Allow policy.

Deny policies always pass down to children.

That's why there is always an SCP set to the Root to allow everything by default. If you limit this policy, the whole organization will be limited, no matter what other policies say for the other OUs. So it's not A. It's not D because it restricts the wrong OU.


Contribute your Thoughts:

Darrel
19 days ago
Hold up, did someone say 'Delete forcing'? That's my kind of party trick! Just make sure the bucket's not hosting your company's crown jewels, eh?
upvoted 0 times
...
Tracie
20 days ago
OpsWorks Stacks? Isn't that a bit overkill for this simple use case? I'd stick with the CloudFormation template and the DeletionPolicy.
upvoted 0 times
...
Shaun
21 days ago
Manually cleaning up the bucket? That's so 2010. Let's embrace the power of CloudFormation and automate this cleanup process!
upvoted 0 times
...
Keshia
25 days ago
A custom Lambda function to delete the objects in the bucket is a good idea, but it adds unnecessary complexity. The DeletionPolicy seems like the way to go here.
upvoted 0 times
Ahmed
2 days ago
A) Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
upvoted 0 times
...
Nidia
2 days ago
A) Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
upvoted 0 times
...
...
Derrick
1 month ago
The DeletionPolicy attribute sounds like the most efficient solution to ensure the S3 bucket is deleted along with the stack. Elegantly handles the issue without additional custom code.
upvoted 0 times
Tyra
19 days ago
C) I agree, it's important to address these issues efficiently to avoid any lingering resources.
upvoted 0 times
...
Timothy
22 days ago
A) Yes, it's a simple and effective way to handle the deletion of resources.
upvoted 0 times
...
Colette
30 days ago
B) That sounds like a good solution to ensure everything gets deleted properly.
upvoted 0 times
...
Sarina
1 month ago
A) Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
upvoted 0 times
...
...
Adell
2 months ago
That's a good point too. We should consider the pros and cons of each option before making a decision.
upvoted 0 times
...
Hui
2 months ago
I disagree, I believe option A is the way to go. Adding a DeletionPolicy attribute to the S3 bucket resource will ensure it is removed when the stack is deleted.
upvoted 0 times
...
Adell
2 months ago
I think option B is the best solution. Adding a custom resource with an AWS Lambda function to delete all objects from the S3 bucket when the stack is deleted seems efficient.
upvoted 0 times
...