In this lab, I created a static website for a mock cafe. The website was hosted on an Amazon S3 bucket.
The bucket was properly configured to host a static website, and anyone could access it via the assigned
Amazon S3 endpoint URL. The steps I completed in order to earn credit for the lab are listed below:
1.Extracting the files that you need for the lab
2.Creating an S3 bucket to host your static website
3.Uploading content to your S3 bucket
4.Creating a bucket policy to grant public read access
5.Enabling versioning on the S3 bucket
6.Setting lifecycle policies
7.Enable cross-Region replication.
The web application in this lab originally used the MariaDB that was installed on the EC2 isntance.
However, in the course of the lab, I created an RDS MariaDB instance, dumped the data out of the database on
the EC2 instance, and migrated the data into the RDS database. To accomplish the migration, I connected to the
EC2 instance using the AWS Systems Manager Session Manager. Database credentials and database connection information
were stored in the AWS Systems Manager Parameter Store. So, an IAM role was attached to the EC2 instance to
allow the web application read data out of the Parameter Store. The steps I completed in order to earn credit
for the lab are listed below:
1.Creating an RDS instance
2.Analyzing the existing café application deployment
3.Working with the database on the EC2 instance
4.Working with the RDS database
5.Importing the data into the RDS database instance
6.Connecting the café application to the new database
The architecture in this lab originally had both the web application layer and database layer in the
same public subnet of a VPC. The task for this lab was to create a two-tier architecture where the web application
layer is separate from the database layer. The steps I completed in order to earn credit for the lab are listed below:
1.Creating a public subnet
2.Creating a bastion host
3.Allocating an Elastic IP address for the bastion host
4.Testing the connection to the bastion host
5.Creating a private subnet
6.Creating a NAT gateway
7.Creating an EC2 instance in a private subnet
8.Configuring your SSH client for SSH passthrough
9.Testing the SSH connection from the bastion host
10.Creating a network ACL
11.Testing your custom network ACL
In this lab, I was assigned to define what level of access users should have across the cloud resources for
a particular web application. Using IAM Roles, Groups, and Users I defined fine-grained access control for
every IAM user following the principle of least principle. The steps I completed in order to earn credit
for the lab are listed below:
1.Configuring an IAM group with policies and an IAM user
2.Logging in as test_user and testing access
3.Configuring IAM for database administrator user access
4.Logging in as the database administrator and resolving the database connectivity issue
5.Using the IAM Policy Simulator and creating a custom IAM policy with the visual editor
In this lab, I was responsible for creating a highly available and scalable website architecture by using
an application load balancer and an auto scaling group. Furthermore, the lab required me to improve the
availability of the application by creating a Multi-AZ deployment. The steps I completed in order to earn credit
for the lab are listed below:
1.Creating a NAT gateway for the second Availability Zone
2.Creating a bastion host instance in a public subnet
3.Creating a launch template
4.Creating an Auto Scaling group
5.Creating a load balancer
6.Testing the web application
7.Testing automatic scaling under load
CloudFormation templates allow you to quickly deploy, make changes to, and delete entire architectures in AWS.
In this lab, I was tasked to create an AWS CloudFormation template from scratch and then make some changes
to the infrastructure by editing the CloudFormation template. I created and updated the template using
AWS CodeCommit. All of the steps that I completed in order to earn credit for this lab are listed below:
1.Creating an AWS CloudFormation template from scratch
2.Configuring the bucket as a website and updating the stack
3.Cloning a CodeCommit repository that contains AWS CloudFormation templates
4.Creating a new network layer with AWS CloudFormation, CodeCommit, and CodePipeline
5.Updating the network stack
6.Defining an EC2 instance resource and creating the application stack
7.Duplicating the café network and website to another AWS Region
Serverless Architectures offer many advantages over traditional server based architectures. They generally
decouple the architecture, are less expensive, and are highly available as well as secure. In this lab, I
worked with AWS Lambda, SNS, and Amazon EventBridge to decouple an architecture. The steps that I completed to earn
credit for this lab are listed below:
1.Downloading the source code
2.Creating the DataExtractorLambda function in the VPC
3.Creating the salesAnalysisReportLambda function
4.Creating an SNS topic
5.Creating an email subscription to the SNS topic
6.Testing the salesAnalysisReportLambda function
7.Setting up an Amazon EventBridgeEvent to trigger the Lambda function each day