Q41 — AWS DOP-C02 Ch.2
Question 41 of 100 | ← Chapter 2
A DevOps engineer uses an AWS CloudFormation custom resource to set up an AD Connector. An AWS Lambda function runs and creates the AD Connector, but CloudFormation does not transition from CREATE_IN_PROGRESS to CREATE_COMPLETE.
- A. Ensure the Lambda function code exits successfully.
- B. Ensure the Lambda function code returns a response containing a presigned URL. ✓
- C. Ensure the Lambda function’s IAM role has the cloudformation:UpdateStack permission for the stack ARN.
- D. Ensure the Lambda function’s IAM role has the ds:ConnectDirectory permission for the AWS account.
Correct Answer: B. Ensure the Lambda function code returns a response containing a presigned URL.
Explanation
In AWS CloudFormation, custom resources rely on Lambda functions to perform operations. After execution, the Lambda function must return a specific response—including a physical resource ID and a presigned URL—to signal success to CloudFormation and enable stack status transition. Without this response, CloudFormation remains stuck in CREATE_IN_PROGRESS. Therefore, ensuring the Lambda function returns the presigned URL response (Option B) is correct.