Q33 — AWS DOP-C02 Ch.2

Question 33 of 100 | ← Chapter 2

A company deploys a critical application across an entire AWS Region. The application uses an Application Load Balancer (ALB) in each Availability Zone. The company configures Amazon Route 53 latency-based DNS records for each ALB. The company uses Amazon Route 53 Application Recovery Controller (ARC) to ensure the application can fail over across Regions. The Route 53 ARC configuration includes routing controls for each Region. The company performs quarterly disaster recovery (DR) tests using Route 53 ARC. During the most recent DR test, a DevOps engineer accidentally disabled all routing controls. The company needs to ensure that at least one routing control remains enabled at all times. Which solution meets this requirement?

Correct Answer: A. In Route 53 ARC, create a new assertion safety rule. Apply the assertion safety rule to both routing controls. Configure the rule with type AT_LEAST and threshold value 1.

Explanation

Route 53 Application Recovery Controller (ARC) supports assertion safety rules to enforce constraints on resource states. The requirement—to ensure at least one of two routing controls remains enabled—is precisely addressed by an assertion rule with type AT_LEAST and threshold 1. AWS documentation confirms that assertion rules evaluate current state and prevent actions that would violate the constraint (e.g., disabling the last enabled routing control). Option B’s gating rule governs traffic routing decisions—not state enforcement. Options C and D involve resource sets and readiness checks, which assess application readiness but do not constrain routing control state. Only option A implements the required guardrail via assertion safety rules.