AWS Certified DevOps Engineer – Professional — Question 172

A company has developed a static website hosted on an Amazon S3 bucket. The website is deployed using AWS CloudFormation. The Cloud Formation template defines an S3 bucket and a custom resource that copies content into the bucket from a source location.

The company has decided that it needs to move the website to a new location, so the existing CloudFormation stack must be deleted and re-created. However, CloudFormation reports that the stack could not be deleted cleanly.

What is the MOST likely cause and how can the DevOps engineer mitigate this problem for this and future versions of the website?

Answer options

• A. Deletion has failed because the S3 bucket has an active website configuration. Modify the CloudFormation template to remove the WebsiteConfiguration property from the S3 bucket resource
• B. Deletion has failed because the S3 bucket is not empty. Modify the custom resource's AWS Lambda function code to recursively empty the bucket when RequestType is Delete.
• C. Deletion has failed because the custom resource does not define a deletion policy. Add a DeletionPolicy property to the custom resource definition with a value of RemoveOnDeletion.
• D. Deletion has failed because the S3 bucket is not empty. Modify the S3 bucket resource in the CloudFormation template to add a DeletionPolicy property with a value of Empty.

Correct answer: B

Explanation

The correct answer is B because CloudFormation cannot delete an S3 bucket that contains objects. By modifying the AWS Lambda function in the custom resource to empty the bucket upon deletion, the stack can be removed cleanly. Options A and C do not address the actual issue of the bucket's contents, and while option D suggests a deletion policy, it does not resolve the immediate problem of the bucket not being empty.