- A
Set the DeletionPolicy attribute to Retain on the S3 bucket resource
DeletionPolicy: Retain prevents the bucket from being deleted when the stack is deleted.
- B
Enable termination protection on the S3 bucket
Why wrong: Termination protection is an EC2 feature.
- C
Add a DependsOn clause to the bucket referencing the stack itself
Why wrong: DependsOn does not affect deletion behavior.
- D
A bucket policy that denies s3:DeleteBucket
Why wrong: Bucket policy controls permissions, not stack deletion behavior.
Quick Answer
The answer is to set the DeletionPolicy attribute to Retain on the S3 bucket resource. This configuration overrides CloudFormation’s default behavior, which deletes all resources when a stack is removed, by instructing the service to preserve the bucket and its versioned objects even after the stack deletion. On the AWS Certified DevOps Engineer Professional DOP-C02 exam, this question tests your understanding of resource lifecycle management within CloudFormation, specifically how to prevent accidental deletion of stateful resources like S3 buckets. A common trap is confusing DeletionPolicy with stack policies or IAM permissions, but the key distinction is that DeletionPolicy is a resource-level attribute that directly controls what happens during stack deletion. Remember the mnemonic: "Retain to remain" — if you want the bucket to stay, set Retain.
DOP-C02 Configuration Management and IaC Practice Question
This DOP-C02 practice question tests your understanding of configuration management and iac. The scenario asks you to isolate a root cause — eliminate options that address a different problem before choosing. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
A DevOps engineer is writing an AWS CloudFormation template that creates an Amazon S3 bucket with versioning enabled. The engineer wants to ensure that the bucket cannot be deleted accidentally. What should the engineer add to the template?
Answer choices
Why each option matters
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
Set the DeletionPolicy attribute to Retain on the S3 bucket resource
Setting the DeletionPolicy attribute to Retain on the S3 bucket resource ensures that when the CloudFormation stack is deleted, the bucket is preserved and not removed. This is the correct AWS CloudFormation mechanism to prevent accidental deletion of a resource, as it overrides the default behavior of deleting all resources when a stack is deleted.
Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
- ✓
Set the DeletionPolicy attribute to Retain on the S3 bucket resource
Why this is correct
DeletionPolicy: Retain prevents the bucket from being deleted when the stack is deleted.
Related concept
Read the scenario before looking for a memorised answer.
- ✗
Enable termination protection on the S3 bucket
Why it's wrong here
Termination protection is an EC2 feature.
- ✗
Add a DependsOn clause to the bucket referencing the stack itself
Why it's wrong here
DependsOn does not affect deletion behavior.
- ✗
A bucket policy that denies s3:DeleteBucket
Why it's wrong here
Bucket policy controls permissions, not stack deletion behavior.
Common exam traps
Common exam trap: answer the scenario, not the keyword
The trap here is that candidates confuse termination protection (an EC2 feature) with CloudFormation's DeletionPolicy, or mistakenly believe a bucket policy can override CloudFormation's resource deletion behavior during stack teardown.
Detailed technical explanation
How to think about this question
The DeletionPolicy attribute in CloudFormation can be set to Retain, Delete (default), or Snapshot for supported resources. When set to Retain, CloudFormation will skip the deletion of the resource during stack deletion, leaving it orphaned in the AWS account. This is particularly useful for stateful resources like S3 buckets with versioning enabled, where data loss from accidental deletion would be catastrophic. Note that DeletionPolicy only applies during stack deletion; it does not prevent manual deletion of the bucket via the console or CLI.
KKey Concepts to Remember
- Read the scenario before looking for a memorised answer.
- Find the constraint that changes the correct option.
- Eliminate answers that are true in general but not in this case.
TExam Day Tips
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Key takeaway
Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Real-world example
How this comes up in practice
A startup's cloud architect reviews their monthly bill and notices costs are higher than expected for a long-running batch job. Switching from on-demand instances to Reserved Instances — or using Spot/Preemptible VMs — can reduce compute costs by up to 72 %. Questions like this test whether you understand the tradeoffs between commitment, flexibility, and cost across cloud pricing models.
What to study next
Got this wrong? Here's your next step.
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
- →
Configuration Management and IaC — study guide chapter
Learn the concepts, then practise the questions
- →
Configuration Management and IaC practice questions
Targeted practice on this topic area only
- →
All DOP-C02 questions
1,740 questions across all exam domains
- →
AWS Certified DevOps Engineer Professional DOP-C02 study guide
Full concept coverage aligned to exam objectives
- →
DOP-C02 practice test guide
How to use practice tests most effectively before exam day
Related practice questions
Related DOP-C02 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
Configuration Management and IaC practice questions
Practise DOP-C02 questions linked to Configuration Management and IaC.
Resilient Cloud Solutions practice questions
Practise DOP-C02 questions linked to Resilient Cloud Solutions.
Monitoring and Logging practice questions
Practise DOP-C02 questions linked to Monitoring and Logging.
Incident and Event Response practice questions
Practise DOP-C02 questions linked to Incident and Event Response.
Security and Compliance practice questions
Practise DOP-C02 questions linked to Security and Compliance.
SDLC Automation practice questions
Practise DOP-C02 questions linked to SDLC Automation.
DOP-C02 fundamentals practice questions
Practise DOP-C02 questions linked to DOP-C02 fundamentals.
DOP-C02 scenario practice questions
Practise DOP-C02 questions linked to DOP-C02 scenario.
DOP-C02 troubleshooting practice questions
Practise DOP-C02 questions linked to DOP-C02 troubleshooting.
Practice this exam
Start a free DOP-C02 practice session
Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.
FAQ
Questions learners often ask
What does this DOP-C02 question test?
Configuration Management and IaC — This question tests Configuration Management and IaC — Read the scenario before looking for a memorised answer..
What is the correct answer to this question?
The correct answer is: Set the DeletionPolicy attribute to Retain on the S3 bucket resource — Setting the DeletionPolicy attribute to Retain on the S3 bucket resource ensures that when the CloudFormation stack is deleted, the bucket is preserved and not removed. This is the correct AWS CloudFormation mechanism to prevent accidental deletion of a resource, as it overrides the default behavior of deleting all resources when a stack is deleted.
What should I do if I get this DOP-C02 question wrong?
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
What is the key concept behind this question?
Read the scenario before looking for a memorised answer.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
Same concept, more angles
1 more ways this is tested on DOP-C02
These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.
Variation 1. A DevOps engineer deploys the CloudFormation snippet shown in the exhibit. After the stack is deleted, the engineer checks for the S3 bucket. Which statement best describes the outcome?
medium- A.The bucket is deleted because the stack deletion overrides the DeletionPolicy.
- ✓ B.The bucket is retained (not deleted) after the stack deletion.
- C.The stack deletion fails because the bucket has versioning enabled.
- D.The bucket is deleted along with the stack because the DeletionPolicy is not supported for S3 buckets.
Why B: Option C is correct because the DeletionPolicy: Retain ensures the bucket is not deleted when the stack is deleted. Option A is wrong because the bucket is retained. Option B is wrong because the bucket exists. Option D is wrong because the stack deletion succeeds, but the bucket remains.
Last reviewed: Jun 24, 2026
This DOP-C02 practice question is part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the DOP-C02 exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.