
[SOLVED] Cloud Foundations COSC2757 Milestone 2

COSC2757 Assignment 2

Cloud Foundations COSC2757/ Semester 1, 2024 Milestone 2 (Timed AWS cloud implementation)

 

Assessment Type

To be attempted individually.

Submit online via Canvas > Assignments > Second Milestone

Marks are awarded for meeting requirements as closely as possible. Clarifications/updates may be made via announcements/relevant discussion forums.

Due Date

Week 12, Friday 31 May 2024, 5:00 pm AEST [please note the time]

Marks

 

  1. Overview (you must read this first)

    You are to attempt this assignment individually; no group work is allowed. You will use material and knowledge gained from the AWS Academy Cloud Foundations course.

    • You will need your AWS Academy account for this milestone. Email invites to use this account were sent earlier in the semester. Please accept the invite and start using this account. If you have any account-related issue, please email the Course Coordinator, Hai Dong ([email protected]), at your earliest. Most of the time these queries will be directed to AWS and may take a few days to resolve.

      If you find a specification open to interpretation, post a query identifying the specification in the corresponding discussion board for assignment 2. Software development and deployment in real life does not come with a definitive roadmap and flowcharts complete with instructions. More often than not, it is the job of the developer/analyst to clarify requirements from the client.

      All of us have been affected by the unfortunate COVID-19 scenario and its aftermath. It is often hard to concentrate and study online; but as a student enrolled in this course, it is your responsibility to regularly attend the online session(s).

    • Bring your questions to online facilitation sessions

    • Watch the online recordings on a regular basis if you cannot attend the live sessions.

    • Do NOT start the work on the assignment at the last minute.

    • Do NOT ask for last minute extensions, these are often rejected. Extensions can only be granted for personal and medical reasons, provided you submit an extension form (link) as well as supply some evidence.

  2. Learning Outcomes

    This assessment relates to all of the learning outcomes of the course which are:

    • CLO 1: Define and understand AWS and its components

    • CLO 2: Create a virtual private cloud (VPC) and demonstrate Amazon Elastic Compute Cloud (Amazon EC2)

    • CLO 3: Comprehend AWS storage services

    • CLO 4: Comprehend AWS database services

    • CLO 5: Understand architectural principles, security and compliance issues in AWS Cloud

  3. Academic integrity and plagiarism (standard warning)

    Academic integrity is about the honest presentation of your academic work. It means acknowledging the work of others while developing your own insights, knowledge, and ideas. You should take extreme care that you have:

    • Acknowledged words, data, diagrams, models, frameworks and/or ideas of others you have quoted (i.e. directly copied), summarised, paraphrased, discussed or mentioned in your assessment through the appropriate referencing methods,

    • Provided a reference list of the publication details so your reader can locate the source if necessary. This includes material taken from Internet sites.

      If you do not acknowledge the sources of your material, you may be accused of plagiarism because you have passed off the work and ideas of another person without appropriate referencing, as if they were your own.

      RMIT University treats plagiarism as a very serious offence constituting misconduct. Plagiarism covers a variety of inappropriate behaviours, including:

    • Contract cheating- paying/asking someone to do your work

    • Failure to properly document a source involving none, insufficient or incorrect referencing

    • Copyright material from the internet or databases

    • Collusion between students

  4. Extension and late submissions

    • Email course coordinator: Hai Dong ([email protected]) for any extension related queries.

    • Do NOT ask for last minute extensions, these are often rejected. Extensions can only be granted for personal and medical reasons, provided you can supply some evidence.

    • According to RMIT assessment policy as outlined here: https://www.rmit.edu.au/students/my-course/assessment-results/special-consideration-extensions/extensions

      If you are seeking an extension of seven calendar days or less (from the original due date) you must apply at least one working day before the assessment deadline.

    • After the due date, you will have 5 business days to submit your assignment as a late submission. Late submissions will incur a penalty of 10% per day. After these five days, Canvas will be closed, and you will lose ALL the assignment marks.

  5. Marking Guidelines

    The marks allocated have been added to each of the tasks.

  6. Assignment 2 tasks

    There are two types of tasks:

    • Solutions of Basic Tasks can mostly be referenced from existing lectorial and lab notes and recordings or demonstration videos.

    • Solutions of Advanced Tasks require you to conduct your own research to find.

      The tasks need to be completed in the classroom titled AWS Academy Learner Lab [78895]; upon logging in to the correct classroom you should see the following:

      PLEASE NOTE- Your entry times are logged each time you work in the AWS Academy Learner Lab [78895] classroom created for you under your AWS account. If you work under an incorrect or personal account, these log entries will not exist, and you will get a ZERO for the whole assignment 2. No marks will be awarded for using a personal AWS account.

      NOTE: You will be required to submit a series of screenshots to show that you have completed the tasks.

      Please make sure that all your AWS Management Console screenshots show all the details and your AWS username (appearing in the top-right corner of the management console) otherwise you will receive a ZERO mark for any tasks that miss the details and username.

Scenario: You have a small business with a website that is hosted on an Amazon Elastic Compute Cloud (Amazon EC2) instance. You have customer data that is stored on a backend database server that you want to keep private. You also have an on-premise network. You want to use Amazon VPC to set up a VPC that meets the following requirements:

TASK A) VPC (7 marks)

  1. (Basic) Create a new VPC in us-east-1, and name it as s1234567 (i.e. your student ID).

    • You will create three public subnets, and three private subnets in three availability zones (each pair of public subnet and private subnet is within an availability zone). Give them appropriate names. (1 mark)

    • The first address of your network must be xx (the last two digits of your student id, e.g. 67 for s1234567).xx (the last fourth and third digits of your student ID, e.g. 45 for s1234567).0.0. Each subnet must have 1024 IPv4 addresses in total. (1 mark)

    • Ensure your three public subnets are associated with a route table and three private subnets are associated with another route table. Each table is properly named and configured. (1 mark)

    • Create a security group to allow HTTP, HTTPS and SSH Access inside the public subnets from the wider internet and name it as s1234567-public. (1 mark)

      Note: if the last two digits of your student ID are 00 (e.g. s1234500), the first IP address of your network address must be 10.xx.0.0 (e.g. 10.45.0.0 for s1234500).

  2. (Advanced) Connect the private subnets of this VPC with your on-premises network (CIDR: 192.168.10.0/24) to form a virtual private network. (3 marks)
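The addressing rule in Task A can be checked before anything is created in the console. The following Python sketch is an added example, not part of the assignment brief: it derives the network address from a student ID (including the 00 case), carves six 1024-address (/22) subnets, and checks them for overlap with each other and with the on-premises CIDR. The /16 VPC prefix, the seven-digit ID format and the subnet ordering are assumptions, since the brief fixes only the first address and the subnet size.

```python
import ipaddress
import re

ON_PREM = ipaddress.ip_network("192.168.10.0/24")  # on-premises CIDR from Task A.2
SUBNET_PREFIX = 22  # 2**(32 - 22) = 1024 IPv4 addresses per subnet
VPC_PREFIX = 16     # assumption: the brief fixes only the first address


def vpc_network(student_id):
    """Derive the VPC network from a student ID such as 's1234567'."""
    m = re.fullmatch(r"s(\d{7})", student_id)  # assumed ID format
    if not m:
        raise ValueError("expected 's' followed by seven digits")
    digits = m.group(1)
    first, second = int(digits[-2:]), int(digits[-4:-2])
    if first == 0:  # the '00' rule: use 10.xx.0.0 instead
        first = 10
    return ipaddress.ip_network(f"{first}.{second}.0.0/{VPC_PREFIX}")


def subnet_plan(student_id):
    """Return {subnet name: network}: one public and one private /22 per AZ."""
    blocks = vpc_network(student_id).subnets(new_prefix=SUBNET_PREFIX)
    plan = {}
    for az in (1, 2, 3):  # assumed ordering: public then private in each AZ
        plan[f"Public Subnet {az}"] = next(blocks)
        plan[f"Private Subnet {az}"] = next(blocks)
    return plan


def check_plan(plan):
    """List problems: wrong size, overlap with on-premises, overlap with each other."""
    problems = []
    nets = list(plan.items())
    for i, (name, net) in enumerate(nets):
        if net.num_addresses != 1024:
            problems.append(f"{name}: {net.num_addresses} addresses")
        if net.overlaps(ON_PREM):
            problems.append(f"{name} overlaps on-premises {ON_PREM}")
        for other_name, other in nets[i + 1:]:
            if net.overlaps(other):
                problems.append(f"{name} overlaps {other_name}")
    return problems


if __name__ == "__main__":
    for sid in ("s1234567", "s1234500"):  # the two IDs used in the brief
        vpc = vpc_network(sid)
        print(sid, vpc, "RFC 1918 private" if vpc.is_private else "publicly routable range")
        for name, net in subnet_plan(sid).items():
            print(f"  {name:17} {net}")
        print("  problems:", check_plan(subnet_plan(sid)) or "none")
```

For s1234567 the rule yields 67.45.0.0, which lies outside the RFC 1918 private ranges, while the 00 case lands in 10.0.0.0/8; the script prints which applies.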

TASK B) EC2 (5 marks)

  1. (Basic) Inside EC2, launch:

    • An instance with Amazon Linux 2023 AMI and t2.small Instance Type and name it as s1234567-Web Server 1. Make sure it is inside Public Subnet 3 of the s1234567 VPC and assign the Security Group you created earlier. (1 mark)

    • Install a web server, a database, and PHP libraries into the EC2 (see Lab 2 instructions). Assign a permanent public IP address to the EC2 (i.e. the IP address will not change when the instance is restarted) so that you can access the website using the public IP address after launching the instance. (1 mark)

    • Choose "Choose an existing key pair" when you launch the instance. Access the instance using Putty/Terminal/Command Prompt/Git Bash/PowerShell (No EC2 Instance Connect or Session Manager Allowed) and the key pair provided by the Learner Lab. (1 mark)

  2. (Advanced) Enable HTTPS on your web server so that the web server can be accessed through the HTTPS protocol. (2 marks)

TASK C) S3&IAM&Lambda (6 marks)

  1. (Basic) Create an S3 bucket (name it as s1234567-s3) in us-east-1 and create and upload a webpage that can show your name, student ID, and registered COSC2757 practical name (in HTML format) to the S3 bucket and make S3 host this webpage as a public website (so the public can access it from its object URL). (2 marks)

  2. (Advanced) Create a Lambda function and configure a trigger for the bucket. Every time that you add an object to your Amazon S3 bucket, your function runs and outputs the object type to CloudWatch Logs. (2 marks)

  3. (Advanced) Create another S3 bucket (name it as s1234567-iam) in us-east-1 and a private connection between the public subnets of VPC and this bucket without using authentication. (2 marks)

TASK D) EBS&EFS (6 marks)

  1. (Basic) Create a new EBS volume (Type: GP3, Size: 8 GB) and attach it to the EC2 instance.

    • Create a file system and a file on this new volume and create a snapshot for this volume. (1 mark)

    • Delete this volume, recreate a volume (10 GB) based on the snapshot, attach the restored volume to the instance, and show the file system is restored and resized. (2 marks)

  2. (Basic) Create an EFS (name it as s1234567-EFS) and mount it to the EC2 instance (i.e. only allowing the EC2 instance to access it). (3 marks)

TASK E) RDS&DynamoDB (7 marks)

  1. (Basic) Create a security group for the s1234567 VPC called s1234567-DB Access. This security group should allow inbound connections on the port used for MySQL connections from the instance that has the security group you created in Task A.

    • Create a Subnet Group (containing Private Subnet-1 and Private Subnet-2) for Database (name it as s1234567-Subnet-Group). (1 mark)

    • Create Database (2 marks)

      • Go to Create Database under RDS, and select MySQL.

      • Leave the Settings as default, but set the password to ‘s1234567’.

      • Set the DB instance type to db.t3.micro with 8 GB SSD (GP2).

      • The deployment must be a Multi-AZ deployment (with replicas).

      • Ensure it is launched in the s1234567 VPC, using the subnet group you created previously.

      • Ensure you attach the DB Security Group.

      • Disable automatic backups, encryption and enhanced monitoring.

    • (Advanced) Use Putty/Terminal/Command Prompt/Git Bash/PowerShell to show that the EC2 instance can access the DB instance. (1 mark)

  2. Inside DynamoDB,

    • (Basic) Create a DynamoDB table (s1234567-Shopping) exactly following the schema and containing the information below. (1 mark)

      Customer_ID | Purchase_Date | Item_1 | Item_2 | Item_3
      10004 | 20-05-2024 | Tea | Salad | Sandwich
      10004 | 25-05-2024 | Tea | Sandwich
      10005 | 22-05-2024 | Juice | Soda | Soda
      10005 | 26-05-2024 | Pizza | Tea | Salad
      10006 | 25-05-2024 | Water | Pizza | Fries
      10006 | 29-05-2024 | Fries | Salad | Tea
      10007 | 28-05-2024 | Soda | Sandwich
      10007 | 29-05-2024 | Soda | Sandwich | Tea

    • (Advanced) Create a single query to retrieve all the records that contain tea. (2 marks)

TASK F) ELB&Auto Scaling (4 marks)

(Basic) Create an Elastic Load Balancer (called s1234567-ELB) and an Auto Scaling Group (called s1234567-Auto Scaling) that launch instances (called s1234567-instance) of the same type and configuration across Private Subnet-1 and Private Subnet-3, where

    • The target group is named as s1234567-Target-Group.

    • Enable EC2 instance detailed monitoring within CloudWatch.

    • Enable group metrics collection within CloudWatch.

    • Desired capacity: 3, Minimum capacity: 2, Maximum capacity: 4.

    • The scaling policy is that Average CPU Utilization is greater than 70% in 2 mins.

    • Automatically send AWS notifications to your student email for only scale-in and scale-out events. (1 mark)

    • Test your Autoscaling group by using the load test function of the hosted website. (3 marks)

TASK G) System Architecture (10 marks)

(Basic) Draw a system architecture to precisely illustrate all the components included in Tasks A-F as detailed as possible (including all services and their connections, region, AZs, VPC, subnets, security groups, CIDRs, IP addresses, details of route tables, etc.)

  7. Submission Instructions

    You need to create a single zipped archive containing the following:

    Tasks | Subtasks | Screenshots required | Name of screenshot files
    Task A | VPC_1 | Resource Map; Subnets (including CIDRs); Public Route Table; Private Route Table; Public Security Group | Name all screenshots with TaskA_1, e.g. Task A_1-Resource Map, etc.
    Task A | VPC_2 | Route Table; Security Group; VPN | Name all screenshots with TaskA_2
    Task B | EC2_1 | Instances (with instance selected to show details, security and networking); Website (show URL in HTTP); Instance access (using Putty/Terminal/Command Prompt/Git Bash/PowerShell) | Name all screenshots with TaskB_1
    Task B | EC2_2 | Operations (in Putty/Terminal/Command Prompt/Git Bash/PowerShell); Website (show URL in HTTPS) | Name all screenshots with TaskB_2
    Task C | S3&IAM&Lambda_1 | The website (with the URL) | Name all screenshots with TaskC_1
    Task C | S3&IAM&Lambda_2 | Lambda Function Overview; S3 Object Uploading; CloudWatch Log Events | Name all screenshots with TaskC_2
    Task C | S3&IAM&Lambda_3 | VPC Endpoint (full information); Bucket Policy | Name all screenshots with TaskC_3
    Task D | EBS&EFS_1 | EBS Volume (Details); File System Operations; Snapshot (Details); Volume Deletion; Volume Recreation; File System Restoration and Resizing; Restored File System Demonstration | Name all screenshots with TaskD_1
    Task D | EBS&EFS_2 | EFS (Network Information); Mount Operations; Mounted EFS Demonstration | Name all screenshots with TaskD_2
    Task E | RDS&DynamoDB_1 | Security Group; Subnet Groups; DB Instance (full information); EC2 and DB Instances Interactions | Name all screenshots with TaskE_1
    Task E | RDS&DynamoDB_2 | Table; Query and Results | Name all screenshots with TaskE_2
    Task F | ELB&AutoScaling | Launch Configuration (Details); Autoscaling Group (Summary of all the steps); Target Groups (Details (show healthy status) and Targets); Website (with the URL of ELB DNS and shown in different availability zones); CloudWatch Alarms (showing In alarm status); Alarm Message (in your student email); Scale-Out EC2 Instances and Their Located Subnets | Name all screenshots with TaskF_
    Task G | System Architecture | System Architecture Graph | Name it with TaskG_

    Note:

    1. Make sure the font size in your screenshots is large enough to identify.

    2. You may make two or more screenshots for the same required screenshot if a single screenshot cannot cover all the details.

    3. Include your username (appearing in the top-right corner of your AWS management console) in all submitted screenshots otherwise you will receive a 0 mark for any screenshots missing the username.

    4. You may create folders (use the task/subtask titles to name the folders) to contain the screenshots of each task/subtask.

    You must submit this single zipped archive via Assignment submission link under Milestone 2 Canvas.

    The zipped file must be named as yourStudentNumber_a2.zip, as an example if your student number is s1234567 the file must be named as

    s1234567_a2.zip

    INCORRECT file name will attract a penalty of 5 marks from the total score.

    Note: You won’t receive a penalty for the Canvas auto-generated file name appendix (e.g. s1234567_a2-1.zip)

    Assessment declaration: When you submit work electronically, you agree to the assessment declaration: https://www.rmit.edu.au/students/student-essentials/assessment-and-exams/assessment/assessment-declaration For further information on our policies and procedures, please refer to: https://www.rmit.edu.au/students/student-essentials/rights-and-responsibilities/academic-integrity

  8. Assignment queries

Please attend the Week 11-12 tutelab sessions or post questions on the discussion board to raise any queries concerning this assignment.
