AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 112

A company uses AWS CloudFormation stacks to deploy updates to its application. The stacks consist of different resources. The resources include AWS Auto Scaling groups, Amazon EC2 instances, Application Load Balancers (ALBs), and other resources that are necessary to launch and maintain independent stacks. Changes to application resources outside of CloudFormation stack updates are not allowed.

The company recently attempted to update the application stack by using the AWS CLI. The stack failed to update and produced the following error message: “ERROR: both the deployment and the CloudFormation stack rollback failed. The deployment failed because the following resource(s) failed to update: [AutoScalingGroup].”

The stack remains in a status of UPDATE_ROLLBACK_FAILED.

Which solution will resolve this issue?

Answer options

• A. Update the subnet mappings that are configured for the ALBs. Run the aws cloudformation update-stack-set AWS CLI command.
• B. Update the IAM role by providing the necessary permissions to update the stack. Run the aws cloudformation continue-update-rollback AWS CLI command.
• C. Submit a request for a quota increase for the number of EC2 instances for the account. Run the aws cloudformation cancel-update-stack AWS CLI command.
• D. Delete the Auto Scaling group resource. Run the aws cloudformation rollback-stack AWS CLI command.

Correct answer: B

Explanation

The correct answer is B because updating the IAM role to include the necessary permissions allows the stack to proceed with the rollback. The other options do not address the underlying permission issue that caused the update failure; modifying ALB subnet mappings or deleting the Auto Scaling group does not resolve the permissions limitation, and requesting a quota increase is unrelated to the specific resource update failure.