Final Project Part 1

Overview for Final project

Web Server: http://52.204.104.204/

VPC

Configuration for VPC for Part 1

Resource Map

Subnets

Public Subnet

Private Subnet

Routing Tables

Public Routing Table

Private Routing Table

Internet Gateway

NAT Gateway

Elastic IP Addresses

Instances

EC2 Web

• Name: EC2 Web
• AMI: Amazon Linux 2 AMI
• Instance Type: t2.micro

Network Configs:

EC2 Management

• Name: EC2 Management
• AMI: Amazon Linux 2 AMI
• Instance Type: t2.micro

Network Configs:

EC2-MySQL

• Name: EC2-MySQL
• AMI: Amazon Linux 2 AMI
• Instance Type: t2.micro

Network Configs:

Screenshots

Jump box to database server - successful ssh

Web server to Database server - unsuccessful ssh

Security Groups

EC2 Web

EC2 Management

EC2-MySQL

Network ACL

Public Subnet

Private Subnet

Final Project Part 2

CloudWatch Metrics

EC2 Web

EC2 Management

EC2-MySQL

CloudWatch Alarms

ICMP>=10

This is an alarm set for EC2 Web, that if the threshold of packets sent to it is over 10, and alarm will go off.

EC2-MySQL Failing

This alarm will check for any system failings on the EC2-MySQL instance. This can be important especially since this is the Database for our Web Server and is vital for the backend.

75 CPU Utilization

This alarm will trigger when the CPU Utilization of EC2 Web is over 75%. In theory, you could use this to then automatically load balance the web server via a load balancer/auto scaler.

CloudTrail

S3 Bucket Logging

This logging event says that an AwsApiCall was from my account or the voclab account. And is essentially saying that I accessed the S3 Dashboard based on the event name of GetStorageLensDashboardDataInternal.

Similarly this one is a similar access log that says I tried to access a specific page on the AWS Console: