AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 8

An IT team has built an AWS CloudFormation template so others in the company can quickly and reliably deploy and terminate an application. The template creates an Amazon EC2 instance with a user data script to install the application and an Amazon S3 bucket that the application uses to serve static webpages while it is running.
All resources should be removed when the CloudFormation stack is deleted. However, the team observes that CloudFormation reports an error during stack deletion, and the S3 bucket created by the stack is not deleted.
How can the team resolve the error in the MOST efficient manner to ensure that all resources are deleted without errors?

Answer options

• A. Add a DelelionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
• B. Add a custom resource with an AWS Lambda function with the DependsOn attribute specifying the S3 bucket, and an IAM role. Write the Lambda function to delete all objects from the bucket when RequestType is Delete.
• C. Identify the resource that was not deleted. Manually empty the S3 bucket and then delete it.
• D. Replace the EC2 and S3 bucket resources with a single AWS OpsWorks Stacks resource. Define a custom recipe for the stack to create and delete the EC2 instance and the S3 bucket.

Correct answer: B

Explanation

The correct answer is B because it directly addresses the issue by ensuring the S3 bucket is emptied before deletion through a Lambda function. Option A is incorrect as simply adding a DeletionPolicy won't resolve existing issues with the bucket's contents. Option C involves manual intervention which is less efficient, and Option D complicates the architecture without addressing the specific deletion error.