How should you prevent this from occurring in the future?

Your application uses CloudFormation to orchestrate your application’s resources. During your testing phase before the
application went live, your Amazon RDS instance type was changed and caused the instance to be re-created, resulting
in the loss of test data. How should you prevent this from occurring in the future?

A.
Within the AWS CloudFormation parameter with which users can select the Amazon RDS instance type, set AllowedValues to only
contain the current instance type.

B.
Use an AWS CloudFormation stack policy to deny updates to the instance. Only allow UpdateStack permission to IAM principals that
are denied SetStackPolicy.

C.
In the AWS CloudFormation template, set the AWS::RDS::DBInstance’s DBInstanceClass property to be read-only.

D.
Subscribe to the AWS CloudFormation notification “BeforeResourceUpdate,” and call CancelStackUpdate if the resource identified is
the Amazon RDS instance.

E.
In the AWS CloudFormation template, set the DeletionPolicy of the AWS::RDS::DBInstance’s DeletionPolicy property to “Retain.”





Raj

Is answer C?

Woo

I also thought that the answer is C but… found out that RDS cannot be set to “read-only”.

SamT

E is talking about deletion – that is not our situation.
Our issue is changing of instance type – A should fix it.

ak

E seems to be correct

Note that this capability also applies to update operations that lead to resources being removed.

James

Agree. The question is regarding using the CloudFormation in version-control as a reusable tool in updates that include replacing instance types and retiring unwanted instances.

bcw

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html?shortFooter=true

“your Amazon RDS instance type was changed and caused the instance to be re-created” – the type was changed in the CloudFormation template, but this will only cause the existing instance to change if the stack is updated. Deleting the stack may delete instances, but will regardless if the type is changed. Changing the type only matters for updates. ‘DeletionPolicy’ is only about deleting a stack, not updating it.

The answer is B.
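
For reference, a stack policy of the kind option B and the linked documentation describe, shown as an added example that is not part of the original page or its comments. The logical resource ID `TestDatabase` is an assumed name for the AWS::RDS::DBInstance in the template. An explicit Deny overrides the Allow, so updates to every other resource in the stack still go through.

```json
{
  "Statement": [
    {
      "Effect": "Deny",
      "Principal": "*",
      "Action": "Update:*",
      "Resource": "LogicalResourceId/TestDatabase"
    },
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "Update:*",
      "Resource": "*"
    }
  ]
}
```

The IAM half of option B maps to the `cloudformation:UpdateStack` and `cloudformation:SetStackPolicy` actions: a principal that can update the stack but cannot set the stack policy cannot lift this protection.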

Unnat

E is the correct Answer.