Assessment Title Assignment 2 Configure the cloud servicesCompetency Details

Unit code/s and title/s ICTCLD401 - Configure cloud services (Release 1)

Qualification code/s and title/s National Code: ICT40120

Certificate IV in Information Technology

Business unit/Work group Business and Arts / IT Studies

Instructions

Method/s of assessment Product and Questioning (Written)

Overview of assessment This assessment will require you to demonstrate your abilityto setup and config AWS cloud services as required, seeking feedback, and summary documentation.

Task/s to be assessed This assessment will require you to complete the practical tasks to set up cloud services:

Task 1: List functions, benefits and differences of cloud services

Task 2: Implement Cloud User

Task 3: Create AWS Virtual Network and Security settings

Task 4: Deployment of automatic scaling

Task 5: Complete project documentation and seek feedback.

Task 6: Respond to feedback

Students will also complete written answers to questions on the topics above.

Time allowed Refer to your schedule for submission dates Location of assessment Assessment can be completed anywhere with access to the resources required.(See Resources Required section below)

Decision making rules To receive a satisfactory outcome for this assessment you must complete all parts correctly.

Word counts are provided as guidance only.

Assessment conditions This assessment must be undertaken where the conditions replicate noise levels and interruptions that people typically experience working in the ICT industry.

This is an unsupervised assessment and you may access any required resources.

This is not group work and must be completed as an individual.Resources required To complete this assessment, you will require the following:

Access to Learn with Internet access

Learn resources

Word processing software such as Microsoft Word.

AWS account to be able to perform the tasks

AWS learning site to perform the tasks

ICTCLD401 - ASDS - Organisational Requirement.docx

Result notification and reassessment information You will be provided feedback and the result for your assignment on TAFESA Learn. You will be and given the chance to resubmit with required corrections only once.

Refer to the TAFE SA assessment policy for more information https://www.tafesa.edu.au/apply-enrol/before-starting/student-policies/assessmentScenario: Erfys Confection is pleased with your research and analysis of their current cloud requirements (Assignment 1). To fully commit to the cloud migration the board members would like to see a working proof of concept. Perform the following tasks to demonstrate the benefits of cloud adoption.

Task 1: List functions, benefits and differences of cloud services

After comparing the functions and benefits, list your recommended AWS services based on Erfys Confectionarys cloud service requirement and justify with reasons?

Vertical scaling or horizontal scaling

Virtual machines or Physical machines

Relational database or data warehouse or no SQL databases

self-hosted or managed or cloud-native database solutions

Block storage and object storage

archive storage and network filesystems storage

Answer

Adopted option(s) AWS Services Choice Recommendation Justification

Vertical scaling or horizontal scaling Virtual machines or Physical machines Relational database, data warehouse, or no SQL databases Self-hosted, or Managed or Cloud-native database solutions Block storage and object storage archive storage and network filesystems storage Task 2: Implement Cloud User

Accounts and restricted accessBelow are the tasks you need to implement on your AWS account or LMS environment. For each step you are required to provide a screenshot of each task.

Following the organisational requirements (File: ICTCLD401 - ASDS - Organisational Requirement.docx), complete the following tasks:

Create all the users listed in appendix A that require cloud access.

Create groups suitable for achieving the requirements identified in the Security requirements section of the Organisational requirements.

Use your initial name in front of the group name, for example, John Smith will use JS-CEO as the CEO group name.

Assign permissions according to the Security requirements and Business protocols sections of the Organisational requirements.

Update password policy

Test user access and multi-factor authentication by logging into AWS web services with the CEOs account.

Insert screenshots below:

All created users with the group assigned.

CEO & Sales manager accounts to be logged in with the management console

Groups with security permissions assigned.

AWS Password Policy Screenshot

Multi-factor authentication login screenshot (R&D manager)

Use the AWS command Tool to list all users using the CEOs account

Task 3: Create AWS Virtual network and Security settingsAs a proof of concept before migration, your manager would like to see a simulated environment to test all functions and features.

Implement a multi-tiered network capable of supporting auto scaling. See network diagram below (fig.2):

Use the following network address:

10.X.0.0/16 to set up your virtual cloud network.

Use your year of birth as X, e.g., 1995 X=.95

fig.2

Create a multi-tiered virtual network according to the business requirements to support cores services and auto-scaling. (ICTCLD401 - ASDS - Organisational Requirement.docx)

You need to:

Set up a VPC (Virtual Private Cloud) network (your names initial@ ErfylVPC) and creates related subnets.

Create one virtual network and inside the network create 2 public and 2 private networks.

Assign Public/Private subnets to the related routing table associations based on requirements.

Create a security group that only allow HTTP, HTTPS and SSH to access the public network.

Insert the screenshots for the below Subnet Reference Table (replace X with the number provided previously)

Subnet Name IP Address Range Availability Zone Routing Table screenshot Subnet screenshot

ErfylVPC 10.X.0.0/16 N/A N/A Public Subnet 1 10.X.1.0/24 [Area]-[Location]-[Number]a (for example, us-west-2a) Private Subnet 1 10.X.2.0/24 Same as above Public Subnet 2 10.X.3.0/24 [Area]-[Location]-[Number]b (for example, us-west-2b) Private Subnet 2 10.X.4.0/24 Same as above Insert a screenshot showing the security group.

Insert the screenshot of routes for all your routing tables

Create virtual machines:

For test purposes, the ITWorks manager needs you to set up a virtual server according to the business requirements (Cloud service requirements section).

Configure the following:

Public IP address (obtained from AWS)

The VM as a HTTP server in your public Zone B with the below loading script:

------------------

#!/bin/bash -ex

# Updated to use Amazon Linux 2

yum -y update

yum -y install httpd php mysql php-mysql

amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2

yum install -y httpd mariadb-server

/usr/bin/systemctl enable httpd

/usr/bin/systemctl start httpd

cd /var/www/html

wget https://aws-tc-largeobjects.s3.amazonaws.com/CUR-TF-100-ACCLFO-2/lab5-rds/lab-app-php7.zip

unzip lab-app-php7.zip -d /var/www/html/

chown apache:root /var/www/html/rds.conf.php

---------------------

Setup virtual network security rules to only allow HTTP, HTTPS and SSH traffic to public subnets.

Test your HTTP access from your home/class PC and take screenshots.

Insert your screenshots below:

EC2 console with public IP address and availability zone

Security Groups with rules allow HTTP, HTTPS & SSH

Successful web access page from your computer

Add additional storage and make storage expandable.

Erfys Confectionary wish to test storage functionality.

Conduct the below tasks:

Create an Amazon EBS volume with your name initials

Attach and mount your volume to an EC2 instance

Increase the EBS storage size from 1 GB to 10 GB

Insert the following screenshots:

EBS page

EC2 instance page

EBS storage resize page

DF h result in Linux CLI

Erfys Confectionary wish to implement a highly available database. Perform the following tasks:

Launch an Amazon RDS DB instance with high availability across 2 different availability zones.

Configure the DB instance to permit connections from your web server.

Open a web application and link to your database.

Configure RDS backup retention period to 14 days

Insert the following screenshots:

Network DB security group.

Database Subnet Group

Database creation

The website successfully connects to Database (Showing address book)

Database retention period is set up as 14 days

Complete the troubleshooting table below:

Problems Description (Cause) Common Fix

Web site accessibility fail but ok with other websites DNS service cannot resolve domain after transferring domain to AWS Route 53. Public instance cannot access Internet Task 4: Deployment of automatic scalingIn this task, you need to configure and apply auto-scaling to the virtual machine according to the Cloud requirements section of the organisational requirements. Once it is configured, you need to test and fix errors faced in the autoscaling.

To complete this activity, you need to do the tasks below:

Create an Amazon Machine Image (AMI) from a running instance.

Create a load balancer.

Create a launch configuration and an Auto Scaling group.

Automatically scale new instances within a private subnet

Create Amazon one CloudWatch target tracking policy and monitor the performance of your infrastructure.

Enable the CPU load of your VM and check that 2 to 5 instances are created.

Test autoscaling and fix errors

Final stage diagram Fg3:

Fg3.

Insert your screenshot for each request below:

Insert your screenshot for each request below:

Created AMI image

Load balance status page with DNS name

Launch configuration status page

Auto scaling groups detail page

Target Tracking policy page

Open Load balance DNS name in the browser

Enable CPU load

CloudWatch In alarm state after loading CPU on the webpage

At least 4 instances created on Auto scaling groups instance management page

Complete the troubleshooting table below:

Problems Description (Cause) Common Fix

Cannot find Load Balancer You are not authorized to perform this operation" error message when you try to access the web services Task 5: Complete project documentation and seek feedback.You are required to complete the following summary tasks:

Erfys Confectionary users require some instruction to perform some of the more complicated tasks. Create user documentation with instructions on how to create a new EC2 instance.

Include step-by-step instructions

Include screenshots to help the user

Use easy-to-read language

Store all documents according to the Organisational documentation storage procedures section of the Organisation requirements document (ICTCLD401 - ASDS - Organisational Requirement.docx).

After you have submitted the document, you are required to:

Composeanemailto the ITWorks manager (Lecturer). Do not send itbutsave and submit this email toLEARN.

The email should include the following. (Approximately 50 words)

Inform the ITWorks manager that theuser documentation has been submitted

Insert a screenshot of the submitted document of AWS S3

Seek feedbackfromthe ITWorks manager

Of your performance.

Any additional tasks or requirements.

Instruction for upload:

Please ensure the following is done when you submit your work:

Upload it to the TAFESA moodle. Ensure that youve named your file(s) according to the following: subject__assessment_lastname.doc (ie. CLD401_Assignment_Evans.doc)

Upload must include:

This document (Tasks 1-4).

The user documentation (from Task 5).

Lecturer preference may vary but students should only submit one file that contains all of their work. This saves time and the need to open and modify multiple documents. The layout of the document should be as follows:

TAFESA Online Assignment Cover Sheet

Use this document and place your evidence in the appropriate sections.

If youre still unsure about what/how to submit your assignment, consult your lecturer.

Task 6 Respond to feedback

Complete the additional tasks sent by your client.

Compose an email message in response, including the following:

Screenshot of your completed tasks

Public link to your document

insert this public link here.

Instruction for upload:

Please ensure the following is done when you submit your work:

Upload it to the TAFE SA moodle. Ensure that youve named your file(s) according to the following: subject__assessment_lastname.doc (ie. CLD401_Assignment_Evans.doc)

Upload must include:

This document (Tasks 6).

Lecturer preference may vary but students should only submit one file that contains all of their work. This saves time and the need to open and modify multiple documents. The layout of the document should be as follows:

TAFESA Online Assignment Cover Sheet

Use the this document and place your evidence in the appropiate sections.

If youre still unsure about what/how to submit your assignment, consult your lecturer.