AWS Certified Solutions Architect Professional SAP-C02 Practice Question

Your company operates a production environment that is defined entirely in AWS CloudFormation and deployed through an automated AWS CodePipeline. The stack includes a critical Amazon RDS for MySQL instance. Compliance requires that any pipeline update that would replace or delete this database must be blocked automatically, while in-place modifications (for example, changing the backup window) must proceed. The control must be enforced natively by CloudFormation so that it applies regardless of which IAM identity or deployment tool performs the update, and it should introduce the least ongoing operational burden.

Which solution meets these requirements?

  • Have the pipeline create a change set for every update and require a manual approval step before execution.

  • Enable termination protection on the CloudFormation stack so that destructive actions are rejected automatically.

  • Attach a CloudFormation stack policy that denies the Update:Replace and Update:Delete actions for the DB instance resource.

  • Add a DeletionPolicy of Retain to the DB instance in the template to ensure the database cannot be removed.

AWS Certified Solutions Architect Professional SAP-C02
Design for New Solutions
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot