AWS Certified Solutions Architect – Professional SAP-C01 – Question512

A company is using AWS CloudFormation to deploy its infrastructure. The company is concerned that, if a production CloudFormation stack is deleted, important data stored in Amazon RDS databases or Amazon EBS volumes might also be deleted.
How can the company prevent users from accidentally deleting data in this way?

A.
Modify the CloudFormation templates to add a DeletionPolicyattribute to RDS and EBS resources.
B. Configure a stack policy that disallows the deletion of RDS and EBS resources.
C. Modify IAM policies to deny deleting RDS and EBS resources that are tagged with an “aws:cloudformation:stack-name” tag.
D. Use AWS Config rules to prevent deleting RDS and EBS resources.

Correct Answer: A

Explanation:

Explanation: With the DeletionPolicyattribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicyattribute for each resource that you want to control. If a resource has no DeletionPolicyattribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, Amazon S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks.
Reference:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-…