Which combination of actions should the DevOps engineer perform so that the stack rollback can complete successfully?
(Choose two.)
Attach the AWSCloudFormationFullAccess IAM policy to the AWS CloudFormation role.
Automatically recover the stack resources by using AWS CloudFormation drift detection.
Issue a ContinueUpdateRollback command from the AWS CloudFormation console or the AWS CLI.
Manually adjust the resources to match the expectations of the stack.
Update the existing AWS CloudFormation stack by using the original template.
Explanations:
Attaching the AWSCloudFormationFullAccess IAM policy to the AWS CloudFormation role does not directly resolve the UPDATE_ROLLBACK_FAILED state. This action focuses on permissions rather than addressing the underlying issue causing the rollback failure.
AWS CloudFormation drift detection is used to identify differences between the actual resources and the stack’s expected configuration. While useful for understanding discrepancies, it does not automatically recover stack resources or facilitate the rollback process.
Issuing a ContinueUpdateRollback command allows AWS CloudFormation to proceed with the rollback process, effectively resolving the UPDATE_ROLLBACK_FAILED state. This command instructs CloudFormation to continue rolling back to the last stable state.
Manually adjusting the resources to match the expectations of the stack can help resolve conflicts that caused the rollback to fail. By ensuring that the actual resources conform to the stack’s configuration, the rollback process can complete successfully.
Updating the existing AWS CloudFormation stack with the original template does not directly address the failed rollback process. Instead, it would require a new update action, which may not resolve the issues preventing the rollback from completing.
I compute that the answer is:
Issue a ContinueUpdateRollback command from the AWS CloudFormation console or the AWS CLI.