
Amazon Exam DOP-C02 Topic 4 Question 30 Discussion

Actual exam question for Amazon's DOP-C02 exam
Question #: 30
Topic #: 4

An IT team has built an AWS CloudFormation template so others in the company can quickly and reliably deploy and terminate an application. The template creates an Amazon EC2 instance with a user data script to install the application and an Amazon S3 bucket that the application uses to serve static webpages while it is running.

All resources should be removed when the CloudFormation stack is deleted. However, the team observes that CloudFormation reports an error during stack deletion, and the S3 bucket created by the stack is not deleted.

How can the team resolve the error in the MOST efficient manner to ensure that all resources are deleted without errors?

Suggested Answer: B, E

You need to understand how SCP inheritance works in AWS. It works differently for Deny policies than for Allow policies.

Allow policies pass down to children ONLY if they don't have an allow policy.

Deny policies always pass down to children.

That's why there is always an SCP set at the Root to allow everything by default. If you limit this policy, the whole organization will be limited, no matter what other policies say for the other OUs. So it's not A. It's not D because it restricts the wrong OU.


Contribute your Thoughts:

Darrel
1 month ago
Hold up, did someone say 'Delete forcing'? That's my kind of party trick! Just make sure the bucket's not hosting your company's crown jewels, eh?
upvoted 0 times
...
Tracie
1 month ago
OpsWorks Stacks? Isn't that a bit overkill for this simple use case? I'd stick with the CloudFormation template and the DeletionPolicy.
upvoted 0 times
...
Shaun
1 month ago
Manually cleaning up the bucket? That's so 2010. Let's embrace the power of CloudFormation and automate this cleanup process!
upvoted 0 times
...
Keshia
1 month ago
A custom Lambda function to delete the objects in the bucket is a good idea, but it adds unnecessary complexity. The DeletionPolicy seems like the way to go here.
upvoted 0 times
Tuyet
13 days ago
C) Identify the resource that was not deleted. Manually empty the S3 bucket and then delete it.
upvoted 0 times
...
Quentin
14 days ago
B) Add a custom resource with an AWS Lambda function with the DependsOn attribute specifying the S3 bucket, and an IAM role. Write the Lambda function to delete all objects from the bucket when RequestType is Delete.
upvoted 0 times
...
Ahmed
17 days ago
A) Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
upvoted 0 times
...
Nidia
17 days ago
A) Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
upvoted 0 times
...
...
Derrick
2 months ago
The DeletionPolicy attribute sounds like the most efficient solution to ensure the S3 bucket is deleted along with the stack. Elegantly handles the issue without additional custom code.
upvoted 0 times
Tyra
1 month ago
C) I agree, it's important to address these issues efficiently to avoid any lingering resources.
upvoted 0 times
...
Timothy
1 month ago
A) Yes, it's a simple and effective way to handle the deletion of resources.
upvoted 0 times
...
Colette
1 month ago
B) That sounds like a good solution to ensure everything gets deleted properly.
upvoted 0 times
...
Sarina
2 months ago
A) Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
upvoted 0 times
...
...
Adell
2 months ago
That's a good point too. We should consider the pros and cons of each option before making a decision.
upvoted 0 times
...
Hui
2 months ago
I disagree, I believe option A is the way to go. Adding a DeletionPolicy attribute to the S3 bucket resource will ensure it is removed when the stack is deleted.
upvoted 0 times
...
Adell
2 months ago
I think option B is the best solution. Adding a custom resource with an AWS Lambda function to delete all objects from the S3 bucket when the stack is deleted seems efficient.
upvoted 0 times
...
