AWS Certified DevOps Engineer – Professional — Question 98

An IT team has built an AWS CloudFormation template so others in the company can quickly and reliably deploy and terminate an application. The template creates an Amazon EC2 instance with a user data script to install the application and an Amazon S3 bucket that the application uses to serve static webpages while it is running.

All resources should be removed when the CloudFormation stack is deleted. However, the team observes that CloudFormation reports an error during stack deletion, and the S3 bucket created by the stack is not deleted.

How can the team resolve the error in the MOST efficient manner to ensure that all resources are deleted without errors?

Answer options

• A. Add a DeletionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.
• B. Add a custom resource with an AWS Lambda function with the DependsOn attribute specifying the S3 bucket, and an IAM role. Write the Lambda function to delete all objects from the bucket when RequestType is Delete.
• C. Identify the resource that was not deleted. From the S3 console, empty the S3 bucket and then delete it.
• D. Replace the EC2 and S3 bucket resources with a single AWS OpsWorks Stacks resource. Define a custom recipe for the stack to create and delete the EC2 instance and the S3 bucket.

Correct answer: B

Explanation

The correct answer is B because using a custom AWS Lambda function allows for the automatic deletion of all objects within the S3 bucket during the stack deletion process, which resolves the issue of the bucket not being deleted. Option A, while useful, does not address the problem if the bucket contains objects that block deletion. Option C requires manual intervention, which is less efficient, and option D complicates the architecture without addressing the underlying issue.