Hands-on on AWS-L2

Case1:

Create two groups called storage-admin, compute-admin

In each group create three users stadmin1…stadmin3, compadmin1…compadmin3.
In storage-admin group every user must have storage-viewer role, except stadmin2, it should have full
access to storage.
Compadmin1 must have application deployment authority. All the users of comp-admin group should
have full access of EC2.
Create a S3 bucket as yourfirstname-ddmmyyyy-store
create a IAM user who should have get and list authorization on that specific bucket.
Case2

Create a VPC in any given region of your choice as yourfirstname-vpc-ddmmyyy.

Create two subnets in that VPC. The CIDR should be as per your choice.
 The first subnet should be able to interact with internet and accept incoming ssh, http, https, icmp
requests.
 The second subnet should be internal. But EC2 instances created in this subnet should be able to
interact with the first subnet.
Case3
Create a EC2 instance on the first subnet on the VPC created in the above case. The instance should be
of Linux type. Test whether you are able to connect that from your own laptop/Desktop from external
network. Enable monitoring while creating the instance.
Not able to connect from the system due to errors/failed in installation of PUTTY

Create another EC2 instance on the second subnet the Instance must be using the same kind of Firewall
rules. Test whether both the systems are able to ping each other using the internal IP address.
Not able to connect from the system due to errors/failed in installation of PUTTY

Add a EBS volume in the first VM, the size of the volume should be 5GB. Show the information, that the
disk is attached to the first VM.
From the CloudWatch dash board enable event monitoring of EC2. Shutdown the first VM and start that
again. Check the dash board whether those events are captured.
Case4
Create a storage bucket as yourfirstname-emplyeeid. Enable versioning for that bucket.
In the bucket upload 3 jpeg or png or gif files from command line and a .txt file from console
After a while modify the text file by writing some new lines and again upload from command line.
Now, login to the console by using the stadmin1 user’s credential and check whether it can view the
content.
Logout from stadmin1 and log-in using stadmin2 and check whether it can create new bucket and
upload file.
First 30 days in S3-Standard
Next 100 days in S3-Standard-IA

Next 100 days in S3 Glacier and then expire.

Create another S3 bucket, provide name as per your choice, use the bucket to host static website.
Provide public access to that and check from outside whether everyone can access the content of the
site.
Case5
Create a billing alert and budget where you want to spend $500 maximum per month. You want to
receive notification when your spending will reach 60% 75% and 90% of monthly budget. Check whether
any bucket is created to store the logs.