AWS Certified Solutions Architect - Professional (#474)

A company is using AWS CloudFormation to deploy its infrastructure. The company is concerned that, if a production CloudFormation stack is deleted, important data stored in Amazon RDS databases or Amazon EBS volumes might also be deleted. How can the company prevent users from accidentally deleting data in this way?

Modify the CloudFormation templates to add a
DeletionPolicy
attribute to RDS and EBS resources.
Configure a stack policy that disallows the deletion of RDS and EBS resources.
Modify IAM policies to deny deleting RDS and EBS resources that are tagged with an
“aws:cloudformation:stack-name”
tag.
Use AWS Config rules to prevent deleting RDS and EBS resources.