Q33 — AWS DOP-C02 Ch.2
Question 33 of 100 | ← Chapter 2
A company deploys a critical application across an entire AWS Region. The application uses an Application Load Balancer (ALB) in each Availability Zone. The company configures Amazon Route 53 latency-based DNS records for each ALB. The company uses Amazon Route 53 Application Recovery Controller (ARC) to ensure the application can fail over across Regions. The Route 53 ARC configuration includes routing controls for each Region. The company performs quarterly disaster recovery (DR) tests using Route 53 ARC. During the most recent DR test, a DevOps engineer accidentally disabled all routing controls. The company needs to ensure that at least one routing control remains enabled at all times. Which solution meets this requirement?
- A. In Route 53 ARC, create a new assertion safety rule. Apply the assertion safety rule to both routing controls. Configure the rule with type AT_LEAST and threshold value 1. ✓
- B. In Route 53 ARC, create a new gating safety rule. Apply the gating safety rule to both routing controls. Configure the rule with type OR and threshold value 1.
- C. In Route 53 ARC, create a new resource set. Configure the resource set with resource type AWS::Route53::HealthCheck. Specify the ARNs of both routing controls as target resources. Create a new readiness check for the resource set.
- D. In Route 53 ARC, create a new resource set. Configure the resource set with resource type AWS::Route53RecoveryReadiness::DNSTargetResource. Add the domain names of the two Route 53 alias DNS records as target resources. Create a new readiness check for the resource set.
Correct Answer: A. In Route 53 ARC, create a new assertion safety rule. Apply the assertion safety rule to both routing controls. Configure the rule with type AT_LEAST and threshold value 1.
Explanation
Route 53 Application Recovery Controller (ARC) supports assertion safety rules to enforce constraints on resource states. The requirement—to ensure at least one of two routing controls remains enabled—is precisely addressed by an assertion rule with type AT_LEAST and threshold 1. AWS documentation confirms that assertion rules evaluate current state and prevent actions that would violate the constraint (e.g., disabling the last enabled routing control). Option B’s gating rule governs traffic routing decisions—not state enforcement. Options C and D involve resource sets and readiness checks, which assess application readiness but do not constrain routing control state. Only option A implements the required guardrail via assertion safety rules.