Q37 — AWS DOP-C02 Ch.2

Question 37 of 100 | ← Chapter 2

A company uses AWS CloudFormation stacks to deploy and update applications. The stack consists of various resources, including an AWS Auto Scaling group, Amazon EC2 instances, an Application Load Balancer (ALB), and other resources required to launch and maintain the independent stack. No changes to application resources outside of CloudFormation stack updates are permitted. Recently, the company attempted to update the application stack using the AWS CLI. The stack update failed and returned the following error message: "Error: Deployment and CloudFormation stack rollback both failed. Deployment failed because the following resource failed to update: [AutoScalingGroup]." The stack remains in the UPDATE_ROLLBACK_FAILED state. Which solution resolves this issue?

Correct Answer: B. Update the IAM role by providing the permissions required to update the stack. Run the AWS cloudformation continue-update-rollback AWS CLI command.

Explanation

When an AWS CloudFormation stack update fails, if the failure is due to permission issues preventing resource updates or rollback, IAM role permissions must be adjusted. AWS documentation states that when a stack is in UPDATE_ROLLBACK_FAILED state, after fixing the root cause, you should use continue-update-rollback to resume rollback. Option B addresses the root cause by updating IAM role permissions and executing that command, aligning with the recommended remediation workflow. Other options—subnet mapping updates, quota increases, or deleting resources—are unrelated to the error cause or violate the constraint prohibiting modifications outside CloudFormation.