Starting with the AWS CLI CSCS402 Assessment
- Subject Code :
CSCS402
- University :
others Exam Question Bank is not sponsored or endorsed by this college or university.
- Country :
Canada
Program: CS
Course: Cloud Security
Assignment 2: Starting with the AWS CLI
Name: ___________________________________
Part A: First steps
- Install the AWS CLI either in your computer or in a VM of your choice. Show the steps with screenshots.
- How can you ensure your commands in the CLI prompt are sent to the proper AWS account?
- Which two local files are important to keep configuration and authentication information for your AWS account? Where are they located?
- Where is the AWS access key locally stored? Would you share it with a colleague at work? Why?
Part B: Instances
IMPORTANT NOTE: Resolve all commands in this and next sections using only the AWS CLI. The use of the dashboard will be considered null.
5. What would be the command in the AWS CLI to start an existing instance with ID i-1234567890abcdef0?
6. And how would you spin up a new instance considering the information below?
Image ID: ami-xxxxxxxx
Type: t2.micro
Key pair: MyKeyPair
Subnet: subnet-6e7f829e
Security group ID: sg-903004f8
7. With a CLI command, add a tag named ServerType with value MailServer to the instance with ID i-5203422c.
Part B: Storage
8. Explain in detail what the command below would perform.
aws ec2 attach-volume --volume-id vol-1234567890abcdef0 --instance-id i-01474ef662b89480 --device /dev/sdb
9. Why do you think the device was not /dev/sda in the command above?
10. John is considering the storage above for the Document Root of several webservers within a load balancing group, so that updating the static content by web developers takes immediate effect in all servers. What do you think?
Part C: Networking
11. Sarah wants to create an auto-scaling group named webservers-group for a farm of webservers with a timeout of 30 seconds. She executed the command below, but it does not work. Help her.
aws autoscaling attach-load-balancers --load-balancer-names web-load-balancer
12. Peter tried to remove the security group with ID sg-903004f8 with the command below, but he got an error about dependency violation. What is the most probable cause?
aws ec2 delete-security-group --group-id sg-903004f8
13. Complete the command below to create a NACL to allow HTTPS traffic from Internet.
aws ec2 create-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100
14. With a similar command as the one above, create a NACL to block all outbound TCP traffic to a known malicious IP (use 1.2.3.4 as an example). You can use a random ACL ID and for rule number use the last 3 digits of your student ID.
