AWS Certified SysOps Administrator – Associate — Question 16

A SysOps administrator has used AWS CloudFormation to deploy a serverless application into a production VPC. The application consists of an AWS Lambda function, an Amazon DynamoDB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS CloudFormation stack without deleting the DynamoDB table.
Which action should the SysOps administrator take before deleting the AWS CloudFormation stack?

Answer options

• A. Add a Retain deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
• B. Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
• C. Enable termination protection on the AWS CloudFormation stack.
• D. Update the application's IAM policy with a Deny statement for the dynamodb:DeleteTable action.

Correct answer: A

Explanation

The correct answer is A because applying a Retain deletion policy to the DynamoDB resource ensures that it is not deleted when the CloudFormation stack is removed. Options B and C do not prevent the deletion of the table, while option D merely restricts the deletion action without addressing the stack deletion process.