Q39 — AWS SOA-C02 Ch.1
Question 39 of 100 | ← Chapter 1
A company uses AWS CloudFormation to deploy its infrastructure. The company recently retired an application. A cloud operations engineer initiates CloudFormation stack deletion, and the stack gets stuck in DELETE_FAILED status. A SysOps administrator discovers that the stack had deployed a security group. The security group is referenced by other security groups in the environment. The SysOps administrator needs to delete the stack without affecting other applications. Which solution will meet these requirements in the MOST operationally ecient manner?
- A. Create a new security group that has a different name. Apply identical rules to the new security group. Replace all other security groups that reference the new security group Delete the stack.
- B. Create a CloudFormation change set to delete the security group. Deploy the change set.
- C. Delete the stack again. Specify that the security group be retained. ✓
- D. Perform CloudFormation drift detection. Delete the stack.
Correct Answer: C. Delete the stack again. Specify that the security group be retained.
Explanation
当CloudFormation堆栈因安全组被其他资源引用而卡在DELETE_FAILED状态时,通过指定保留该安全组(使用--retain-resources参数),可直接跳过该资源的删除流程,实现堆栈的高效删除,且不影响其他依赖该安全组的应用正常运行,是最符合最小操作成本要求的方式。