Skip to Content

DVA-C02: How to Prevent Accidental Database Deletion with AWS CloudFormation

Learn how to use AWS CloudFormation attributes and policies to protect your database from being deleted by mistake. Discover two solutions that will help you avoid data loss and ensure business continuity.

Question

A development team maintains a web application by using a single AWS CloudFormation template. The template defines web servers and an Amazon RDS database. The team uses the Cloud Formation template to deploy the Cloud Formation stack to different environments.

During a recent application deployment, a developer caused the primary development database to be dropped and recreated. The result of this incident was a loss of data. The team needs to avoid accidental database deletion in the future.

Which solutions will meet these requirements? (Choose two.)

A. Add a CloudFormation Deletion Policy attribute with the Retain value to the database resource.
B. Update the CloudFormation stack policy to prevent updates to the database.
C. Modify the database to use a Multi-AZ deployment.
D. Create a CloudFormation stack set for the web application and database deployments.
E. Add a Cloud Formation DeletionPolicy attribute with the Retain value to the stack.

Answer

A. Add a CloudFormation Deletion Policy attribute with the Retain value to the database resource.
B. Update the CloudFormation stack policy to prevent updates to the database.

Explanation

The correct answers are A and B.

A. Add a CloudFormation Deletion Policy attribute with the Retain value to the database resource. This solution will prevent the database from being deleted when the stack is deleted or updated. The DeletionPolicy attribute controls how CloudFormation handles the deletion of a resource. The Retain value means that CloudFormation keeps the resource but does not manage or delete it. This way, the database and its data will be preserved even if the stack is deleted or updated.

B. Update the CloudFormation stack policy to prevent updates to the database. This solution will prevent the database from being modified when the stack is updated. The stack policy is a JSON document that defines which actions can be performed on specified resources during a stack update. The developer can use the Deny effect to block any updates to the database resource. This way, the database and its data will be protected from accidental changes.

Option C is incorrect because modifying the database to use a Multi-AZ deployment will not prevent accidental database deletion. A Multi-AZ deployment is a configuration that enhances the availability and durability of a database by replicating it across multiple Availability Zones. However, it does not affect how CloudFormation handles the deletion of the database resource.

Option D is incorrect because creating a CloudFormation stack set for the web application and database deployments will not prevent accidental database deletion. A stack set is a collection of CloudFormation stacks that can be managed as a single unit across multiple accounts and Regions. However, it does not change how CloudFormation handles the deletion of individual resources within each stack.

Option E is incorrect because adding a CloudFormation DeletionPolicy attribute with the Retain value to the stack will not prevent accidental database deletion. The DeletionPolicy attribute can only be applied to individual resources, not to the entire stack.

The latest AWS Certified Developer – Associate DVA-C02 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Developer – Associate DVA-C02 exam and earn AWS Certified Developer – Associate DVA-C02 certification.

AWS Certified Developer - Associate DVA-C02 Exam Questions and Answers

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.