A database specialist is creating an AWS CloudFormation stack. The database specialist wants to prevent accidental deletion of an Amazon RDS ProductionDatabase resource in the stack. Which solution will meet this requirement?
A.
Create a stack policy to prevent updates. Include ג€Effectג€ : ג€ProductionDatabaseג€ and ג€Resourceג€ : ג€Denyג€ in the policy.
B.
Create an AWS CloudFormation stack in XML format. Set xAttribute as false.
C.
Create an RDS DB instance without the DeletionPolicy attribute. Disable termination protection.
D.
Create a stack policy to prevent updates. Include ג€Effectג€ : ג€Denyג€ and ג€Resourceג€ : ג€ProductionDatabaseג€ in the policy.
The answer is D. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html
"When you set a stack policy, all resources are protected by default. To allow updates on all resources, we add an Allow statement that allows all actions on all resources. Although the Allow statement specifies all resources, the explicit Deny statement overrides it for the resource with the ProductionDatabase logical ID. This Deny statement prevents all update actions, such as replacement or deletion, on the ProductionDatabase resource."
D. Create a stack policy to prevent updates.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html#:~:text=The%20following%20example%20stack%20policy%20prevents%20updates%20to%20the%20ProductionDatabase%20resource%3A
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
james90
Highly Voted 3 years, 4 months agoPranava_GCP
Most Recent 1 year, 7 months agoKirrr
2 years, 3 months agothetachi
2 years, 1 month agonovice_expert
3 years agoRotterDam
3 years, 2 months agoRotterDam
3 years, 2 months ago