NOIDA INSTITUTE OF ENGINEERING & TECHNOLOGY

GREATER NOIDA

CLOUD COMPUTING LAB

BMCA0301
Master of Computer Applications
(Session:2024-2025)

Affiliated to

Dr. A.P.J. Abdul Kalam Technical University, Lucknow (U.P.)

Under Guidance of: Submitted by:

Mr. ABHISHEK KUMAR Name: ASHUTOSH PANDEY

(Asst. Professor) Roll No.: 2301330140041
(School of Computer Applications)

1
 INDEX

Sr.No. Date List of Experiment Page SIGN

30 /08/ 2024 Navigate the AWS Management

1. Console.

30 /08/ 2024 Create and manipulate Elastic Compute

2. Cloud instances.

06 /09/ 2024 Create AWS EC2 Virtual Machine

3. Using AWS Console.

06 /09/ 2024 Monitoring Virtual Resources in AWS.

4.

04 /10 / 2024 Getting Started with S3 in Cloud.

5.

04 /10 / 2024 Working with EBS in AWS.

6.

18 /10 / 2024 Build a relational database server.

7.

18 /10 / 2024 Create private cloud, Designing a

8. Custom VPC (Virtual Private Cloud).

25 /11 / 2024 Create an IAM Group in Cloud.

9.

25 /11 / 2024 Built a RESTful serverless API on AWS.

10.

2
Experiment 1

Aim: Navigate the AWS Management Console.

Task 1. To open AWS Management Console for a service:

Steps:
To open AWS Management Console for a service do one of the following:
In the search box on the navigation bar, enter all or part of the name of the
service. Under Services, choose the service that you want from the list of search
results.
Under Recently visited services, choose a service
name. Under All services, choose a service name.
On the navigation bar, choose Services to open a full list of services.
Then choose a service under Recently visited or All services.

Task 2. To search for a service, feature, documentation, or AWS Marketplace product:

Steps:
In search box on the navigation bar of the AWS Management Console, enter all or part of your search
terms. Do any of the following to refine your search and get more detail:
To narrow the results to the type of content that you want, choose one of the categories on
the left. To see more results for a particular category, choose See all n results by each
category heading.
To return to the main results list, choose Back in the top left corner.
To quickly navigate to popular features of a service, pause on the service name in the results and choose a
link. To get more detail about a documentation or AWS Marketplace result, pause on the result title.
Choose any link to navigate to your intended service, topic, or AWS Marketplace page.

Task 3. To launch AWS Cloudshell:

Steps:
You can launch AWS CloudShell from the AWS Management Console using either one of the following two
methods:
Choose the AWS CloudShell icon on the console navigation bar.
Start typing "cloudshell" in the Find Services box and then choose the AWS CloudShell option.

Task 4. To get your billing information:

Steps:
On the navigation bar, choose your account name.
Choose Billing Dashboard.
3
Use the AWS Billing and Cost Management dashboard to find a summary and a breakdown of your monthly
spending.

4
Experiment 2

Aim: Create and manipulate Elastic Compute Cloud Instances.

Steps:

Task 1. Choose an Amazon Machine Image (AMI)

Choose the Services menu, locate the Compute services, and select EC2.
Choose the Launch instance button in the middle of the page, and then select Launch instance from the
dropdown menu.

Task 2. Choose an instance type

For this activity, we used a t2.micro instance. This instance type has 1 virtual central processing unit (CPU)
and 1 GiB of memory.

Task 3. Configure instance details

This page configures the instance to meet your requirements. This includes networking and monitoring
settings. Select Next: Add Storage.

Task 4. Add storage

Amazon EC2 stores data on a network-attached virtual disk called Amazon Elastic Block Store (Amazon EBS).

Task 5. Add tags

Tags help in categorizing the AWS resources in different ways; for example, by purpose, owner, or
environment. Select Add Tag, and then configure:
Key: Name
Enter Web Server
Value:
Enter

Task 6. Configure the security group

Keep the default selection Create a new security
Webenter
group. Security group name: Clear the text and Server
Security group for my web server
Description: Clear the text and enter

Task 7. Review the instance and launch

This is the final step to launch your EC2 instance. The Review page displays the configurations selected for
the instance you are about the launch.

Select View
Instances. Wait for
the following:
Instance state: Running
Status check: 2/2 checks passed
5
 Task 8. Access your EC2 instance
From the Details tab, copy the Public IPv4 address value of your instance to the clipboard.

Open a new tab in your web browser, paste the public IP address you just copied, and press
Enter. The webpage does not load. You must update the security group to be able to access
the page.

Task 9. Update the security group

You are not able to access your web server because the security group is not permitting inbound traffic on
port 80, which is used for HTTP web requests. In this task, you update the security group.
Return to the EC2 Management Console browser tab.
In the left navigation pane, under Network & Security, choose Security Groups.
Select the Web Server security group, which you created when launching your EC2
instance. In the lower pane, choose the Inbound rules tab.

Task 10. Create a rule

Create an inbound rule.
Choose Edit inbound rules, and then choose Add rule.
Configure the following:
Type: HTTP
Source:
Anywhere
Choose Save
rules
The new inbound HTTP rule creates an entry for IPv4 IP (0.0.0.0/0) and IPv6 IP addresses (::/0).

Task 11. Test your rule

Return to the tab that you used to try to connect to the web server.
Refresh the page.
The page should display the message Hello From Your Web Server!

6
Experiment 3

Aim: Create AWS EC2 Virtual Machine using AWS Console.

Steps:

$ aws ec2 run-instances --image-id ami-173d747e --count 1 --instance-type t1.micro -

-key-name MyKeyPair -- security-groups my-sg { c
"OwnerId": "123456789012",
"ReservationId": "r-5875ca20",
"Groups": [
{ "GroupName": "my-sg",
"GroupId": "sg-903004f8"
}
],
"Instances": [
{
"Monitoring":
{
"State": "disabled"
},
"PublicDnsName": null,
"Platform": "windows",
"State": {
"Code": 0,
"Name": "pending"
},
"EbsOptimized": false,
"LaunchTime": "2013-07-19T02:42:39.000Z",
"ProductCodes": [],
"InstanceId": "i-5203422c",
"ImageId": "ami-173d747e",
"PrivateDnsName": null,
"KeyName": "MyKeyPair",
"SecurityGroups": [
{
7
"GroupName": "my-sg",

"GroupId": "sg-903004f8"
}
],
"ClientToken": null,
"InstanceType": "t1.micro",
"NetworkInterfaces": [],
"Placement": {
"Tenancy": "default",
"GroupName": null,

"AvailabilityZone": "us-west-2b"
},
"Hypervisor": "xen",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs": {
"Status": "attached",
"DeleteOnTermination": true,
"VolumeId": "vol-877166c8",
"AttachTime": "2013-07-19T02:42:39.000Z"
}
}
],
"Architecture": "x86_64",
"StateReason":
{
"Message": "pending",
"Code": "pending"
},
"RootDeviceName": "/dev/sda1",
"VirtualizationType": "hvm",
"RootDeviceType": "ebs",
"Tags": [
{
"Value": "MyInstance",
8
"Key": "Name"
}
],
"AmiLaunchIndex": 0

]
}

9
Experiment 4

Aim: Monitoring Virtual Resources in AWS.

Steps:

Task 1. Create and subscribe to an SNS topic

Choose the Services menu, locate the Application Integration section, and choose Simple Notification
Service. In the left navigation pane, select Topics.
Select Create topic.
For Type, select Standard.
For Name, enter MoneyAlert
Choose Create topic.
In the Subscriptions section, choose Create
subscription. For Topic ARN, select the MoneyAlert topic
you created. For Protocol, select Email to get an email
alert.
For Endpoint, enter your email address or phone number, depending on what you selected for
Protocol. Select Create subscription.

Task 2. Create a CloudWatch alarm

Now you will create the billing alert.
Choose the Services menu, locate the Management & Governance section, and choose
CloudWatch. In the left navigation pane, select Alarms.
Choose Create
alarm. Choose
Select metric.
Select Billing.
Select Total Estimated Charge.
Check the box for
EstimatedCharges. Choose Select
metric.

In the Notification section, configure the

following: For Alarm state trigger, choose In
alarm.
For Select an SNS topic, choose Select an existing SNS topic.
For Send a notification to..., choose the MoneyAlert topic.

For Alarm name, enterMoneyAlertAlarm

Review the settings. Scroll down and choose Create alarm.
Congratulations! You have set up a CloudWatch alarm that uses Amazon SNS to send an alert when the cost
of services reaches $100.

10
11
Experiment 5

Aim: Getting started with S3 in Cloud.

Steps:

Task 1. Create an S3 bucket

Choose the Services menu, locate the Storage services, and select
S3. Select Create bucket on the right side of the page.
For Bucket name, enter a unique Domain Name System (DNS)-compliant name for your new bucket.
For Region, choose the AWS Region where you want the bucket to reside.
The new bucket appears in the Buckets list.

Task 2. Add a bucket policy to make the content publicly available

Choose the link for your bucket's name, and then select the Permissions tab and make it public.

Task 3. Upload an HTML

document In the console, choose
the Objects tab. Upload the html
file to your bucket.
Choose Upload.
Drag and drop the index.html file onto the upload
page. Expand the Permissions section.
Under Predefined ACLs, select Grant public-read access.
Expand the Properties section.
Ensure that the Standard storage class is
selected. At the bottom of the page, choose
Upload.
Choose Close.
The html file appears in the Objects list.

Task 4. Test your website

Select the Properties tab, and scroll down to the Static website hosting section.
Choose Edit.
Select Enable.
In the Index document text box, enter html file name
Select “Save changes”
Scroll down to the Static website hosting section again, and copy the Bucket website endpoint URL to
your clipboard.
Open a new tab in your web browser, paste the URL you just copied, and press Enter.
The Hello World webpage should display.

12
13
Experiment 6

Aim: Working with EBS in AWS.

Steps:

Task 1. Choose an Amazon Machine Image (AMI) and an instance type

Choose the Services menu, locate the Compute services, and select EC2.
Choose the Launch instance button in the middle of the page, and then select Launch instance from the
dropdown menu.
To the right of the Amazon Linux 2 AMI (HVM), SSD Volume Type AMI name, choose Select.

Task 2. Configure instance details

Scroll down, and expand Advanced Details. A field for User data appears.
write the following code and paste it into the User data field.

#!/bin/bash
yum update
-y
yum -y install httpd
systemctl enable
httpd systemctl
start httpd
echo '<html><h1>Hello World!</h1></html>' > /var/www/html/index.html

This script does the following:

Updates the server
Installs an Apache web server (httpd)
Configures the web server to automatically start on
boot Activates the web server
Creates a simple webpage
Select Next: Add Storage.

Task 3. Add storage and tags

Amazon EC2 stores data on a network-attached virtual disk called Amazon Elastic Block Store (Amazon EBS).
You will launch the Amazon EC2 instance using a default 8 GiB disk volume.

Choose Next: Add Tags.

Select Add Tag, and then configure:
Key:Name
Value:Web Server
Select Next: Configure Security Group.

14
 Task 4. Configure the security group
Configure a new security group:
Keep the default selection Create a new security
group. Select Review and Launch.

Task 5. Review the instance and launch

This is the final step to launch your EC2 instance.
When you are finished reviewing the launch details, select Launch.
Select Launch Instances.
Select View Instances.
The instance will appear in the Pending state, which means it is being launched. It will then change to
Running, which indicates that the instance has started booting.

Task 6. Access your EC2 instance

When you launched your EC2 instance, you provided a script that installed a web server and created a
simple webpage. In this task, you will try to access the content from the web server.
Select the Web Server instance, choose the Details tab, and copy the Public IPv4 address value of your
instance to your clipboard.
Open a new tab in your web browser, paste the public IP address you just copied, and press
Enter. The webpage does not load. You must update the security group to be able to access
the page.

Task 7. Update the security group

Return to the EC2 Management Console browser tab.
In the left navigation pane, under Network & Security, choose Security Groups.
Select the Web Server security group, which you created when launching your EC2
instance. In the lower pane, choose the Inbound rules tab.
Create an inbound rule.
Choose Edit inbound rules, and then choose Add rule.
Configure the following:
Type: HTTP
Source:
Anywhere
Choose Save
rules
Return to the tab that you used to try to connect to the web server, and refresh the
page. The page should display the message Hello World!

Task 8. Attach an EBS volume to your EC2 instance

Return to the EC2 Management Console browser tab.
In the left navigation pane, under Elastic Block Store, select
Volumes. Select Create Volume.
For Size, enter 1 to create a volume with 1 GiB.
For Availability Zone, select the same Availability Zone that your EC2 instance is running in.
15
Select Create Volume.
Select Close.
The new volume appears in the volumes list with a state of
available. Select the new volume. Then, choose Actions, and Attach
Volume.
Select the Instance drop-down menu, and then select your EC2 instance. The device will automatically
populate. Select Attach.
The state of the volume changes to in-use. The new volume is now attached to your EC2 instance.

16
Experiment 7

Aim: Build a relational database server.

Steps:

Task 1: Create a Security Group for the RDS DB Instance

In the AWS Management Console, on the Services menu, choose
VPC. In the left navigation pane, choose Security Groups.
Choose Create security group and then configure:
Security group name: DB Security Group
Description: Permit access from Web Security Group
VPC: Lab VPC

Task 2: Create a DB Subnet Group

On the Services menu, choose RDS.
In the left navigation pane, choose Subnet groups.
Name: DB-Subnet-Group
Description: DB Subnet Group
VPC: Lab VPC
Scroll down to the Add Subnets section.
Choose Create

Task 3: Create an Amazon RDS DB Instance

In the left navigation pane, choose Databases.
Choose Create database
Select MySQL.
Under Storage, configure:
Storage type: General Purpose (SSD)
Allocated storage: 20
Under Connectivity, configure:
Virtual Private Cloud (VPC): Lab VPC
Under Existing VPC security groups, from the dropdown list:
Choose DB Security Group.
Choose Create database

Task 4: Interact with Your Database

Open a new web browser tab, paste the WebServer IP address and press Enter.
The web application will be displayed, showing information about the EC2
instance. Choose the RDS link at the top of the page.
Configure the following settings:
Endpoint: Paste the Endpoint you copied to a text editor earlier
Database: lab
Username: main
17
Password: lab-password
Choose Submit

18
Experiment 8

Aim: Create a private cloud - Designing a custom VPC (Virtual Private Cloud).

Steps:

Task 1: Create your VPC

In the AWS Management Console, on the Service menu, choose
VPC. Choose Launch VPC Wizard
VPC name: Lab VPC
Availability Zone: Select the first Availability Zone
Public subnet name: Public Subnet 1
Availability Zone: Select the first Availability Zone
Private subnet name: Private Subnet 1
Choose Create VPC

Task 2: Create Additional Subnets

In the left navigation pane, choose Subnets.
Choose create subnet then configure:
VPC ID: Lab VPC
Subnet name: Public Subnet
2 Select the second Availability Zone
Availability Zone:

Task 3: Create a VPC Security Group

In the left navigation pane, choose Security Groups.
Choose Create security groups and then configure:
Security group name: Web Security Group
Description: Enable HTTP access
VPC: Lab VPC
In the Inbound rules pane, choose “Add Rule”
Configure the following settings:
Type: HTTP
Source: Anywhere-IPv4
Description: Permit web
Scroll to the requests
bottom of the page and choose create security group

19
20
Experiment 9

Aim: Create an IAM Group in Cloud.

Steps:

Task 1. Explore the users and groups

First, note the Region that you are in.
Choose the Services menu, locate the Security, Identity, & Compliance services, and choose
IAM. In the navigation pane on the left, choose Users.
The following IAM users have already been created:
user-1
user-2
user-3
Choose the name of user-1.
This brings you to a summary page for user-1.
The Permissions tab will be displayed.
Notice that user-1 does not have any permission.

Choose the Groups tab.

Notice that user-1 also is not a member of any of the groups.
Choose the Security credentials tab.
Notice that user-1 is assigned a Console password.
This allows the user to access the AWS Management Console.

In the navigation panel on the left, choose User

groups. The following groups have already been
created:
EC2-Admin
EC2-Support
S3-Support

Choose the name of the EC2-Support group.

This brings you to the summary page for the EC2-Support group.

Choose the Permissions tab.

Under Policy Name, choose the link for the AmazonEC2ReadOnlyAccess policy.
Choose the {} JSON tab.
Statements in an IAM policy have the following basic

structure: Effect says whether to Allow or Deny the

permissions.
Action specifies the API calls that can be made against an AWS service.
Resource defines the scope of entities covered by the policy rule.

21
In the navigation pane on the left, choose User
groups. Choose the name of the S3-Support group.
Choose the Permissions tab.
The S3-Support group has the AmazonS3ReadOnlyAccess policy attached.
Under Policy Name, choose the link for the AmazonS3ReadOnlyAccess policy.
Choose the {} JSON tab.

This policy has permissions to Get and List for all resources in Amazon S3.
In the navigation pane on the left, choose User groups.
Choose the name of the EC2-Admin group.
Choose the Permissions tab.

Under Policy Name, choose the name of the EC2-Admin-Policy policy.

Choose the JSON tab.
This policy grants permission to Describe information about Amazon EC2 instances, and also the
ability to Start and Stop instances.
At the bottom of the screen, choose Cancel to close the policy.

Task 2. Add users to groups

You want to add user-1 to S3-Support group so that they inherit the necessary permissions via
the attached AmazonS3ReadOnlyAccess policy.
Add user-1 to the S3-Support group
In the left navigation pane, choose User groups.
Choose the name of the S3-Support group.
On the Users tab, choose Add
users. Select user-1, and choose
Add users.
On the Users tab, notice that user-1 has been added to the group.

Add user-2 to the EC2-Support group

You want to add user-2 to EC2-Support group so that they inherit the necessary permissions via
the attached AmazonEC2ReadOnlyAccess policy.
Use what you learned from the previous steps to add user-2 to the EC2-Support group.
user-2 should now be part of the EC2-Support group.

Add user-3 to the EC2-Admin group

You want to add user-3 to the EC2-Admin group so that they inherit the necessary permissions via
the attached EC2-Admin-Policy.
Use what you learned from the previous steps to add user-3 to the EC2-Admin group.
user-3 should now be part of the EC2-Admin
group. In the navigation pane on the left, choose
User groups.

Task 3. Sign in and test users

Get the console sign-in URL
22
In the navigation pane on the left, choose Dashboard.
Notice the Sign-in URL for IAM users in this account section at the top of the
page. Copy the sign-in link to a text editor.

Test user-1 permissions

Open a private or incognito window in your browser.
Paste the sign-in link into the private browser, and press ENTER.
You will now sign-in as user-1, who has been hired as your Amazon S3 storage support
staff. Sign in with the following credentials:
IAM user name: user-1
Password: Lab-Password1
Choose the Services menu, and choose S3.
Choose the name of one of your buckets, and browse the contents.

Because this user is part of the S3-Support group in IAM, they have permissions to view a list of Amazon S3
buckets and their contents.
Now, test whether the user has access to Amazon
EC2. Choose the Services menu, and choose EC2.

In the left navigation pane, choose Instances.

You cannot see any instances. Instead, an error message says you are not authorized to perform this
operation. This user has not been assigned any permissions to use Amazon EC2.
You will now sign in as user-2, who has been hired as your Amazon EC2 support person.
First, sign out user-1 from the console:
In the upper-right corner of the page, choose user-1.
Choose Sign Out.

Test user-2 permissions

Paste the sign-in link into the private browser again, and press
ENTER. Sign in with the following credentials:
IAM user name:user-2
Password:Lab-Password2
Choose the Services menu, and choose EC2.
In the navigation pane on the left, choose Instances.
You are now able to see an EC2 instance. However, you cannot make any changes to Amazon EC2 resources
because you have read-only permissions.

Select the EC2 instance.

Choose the Instance state menu, and then choose Stop
instance. To confirm that you want to stop the instance,
choose Stop.
An error message appears and says that You are not authorized to perform this operation. This demonstrates
that the policy only allows you to view information without making changes.
Next, check if user-2 can access Amazon S3.

23
Choose the Services menu, and choose S3.
An error message says You don't have permissions to list buckets because user-2 does not have
permissions to use Amazon S3.
You will now sign-in as user-3, who has been hired as your Amazon EC2
administrator. First, sign out user-2 from the console:
In the upper-right corner of the page, choose user-2.
Choose Sign Out.

Test user-3 permissions

Paste the sign-in link into the private browser again, and press
ENTER. Sign in with the following credentials:
IAM user name:user-3
Password:Lab-Password3
Choose the Services menu, and choose EC2.
In the navigation pane on the left, choose Instances.
An EC2 instance is listed. As an Amazon EC2 Administrator, this user should have permissions to Stop the EC2
instance.
Select the EC2 instance.
Choose the Instance state menu, and then choose Stop instance.
To confirm that you want to stop the instance, choose Stop.
This time, the action is successful because user-3 has permissions to stop EC2 instances. The
Instance state changes to Stopping and starts to shut down.
Close your private browser window

24
Experiment 10

Aim: Build a RESTFul serverless API on AWS.

Steps:

Task 1. Create a New REST API

In the AWS Management Console, click Services then select API Gateway under Application Services.
Choose Create API.
Select New API and enter WildRydes for the API Name.
Keep Edge optimized selected in the Endpoint Type dropdown. Note: Edge optimized are best for public
services being accessed from the Internet. Regional endpoints are typically used for APIs that are accessed
primarily from within the same AWS Region.
Choose Create API

Task 2. Create a Cognito User Pools Authorizer

Under your newly created API, choose Authorizers.
Chose Create New Authorizer.
Enter WildRydes for the Authorizer
name. Select Cognito for the type.
In the Region drop-down under Cognito User Pool, select the Region where you created your Cognito user
pool.
Enter WildRydes (or the name you gave your user pool) in the Cognito User Pool
input. Enter Authorization for the Token Source.
Choose Create.
Verify your authorizer configuration
Open a new browser tab and visit /ride.html under your website's domain.
If you are redirected to the sign-in page, sign in with the user you created in the last module. You will be
redirected back to /ride.html.
Copy the auth token from the notification on the /ride.html,
Go back to previous tab where you have just finished creating the
Authorizer Click Test at the bottom of the card for the authorizer.
Paste the auth token into the Authorization Token field in the popup dialog.

Task 3. Create a new resource and method

In the left nav, click on Resources under your WildRydes API.
From the Actions dropdown select Create Resource.
Enter ride as the Resource Name.
Ensure the Resource Path is set to
ride.
Select Enable API Gateway CORS for the resource.
Click Create Resource.
With the newly created /ride resource selected, from the Action dropdown select Create Method.

25
Working with EBS in AWS.
Build a relational database server.
Create a private cloud - Designing a custom VPC (Virtual Private Cloud).
Create an IAM Group in Cloud.
Build a RESTFul serverless API on AWS.

Select POST from the new dropdown that appears, then click the checkmark.
Select Lambda Function for the integration type.
Check the box for Use Lambda Proxy integration.
Select the Region you are using for Lambda Region.
Enter the name of the function you created in the previous module, RequestUnicorn, for Lambda Function.
Choose Save.

Task 4. Deploy Your API

In the Actions drop-down list select Deploy API.
Select [New Stage] in the Deployment stage drop-down list.
Enter prod for the Stage Name.
Choose Deploy.
Note the Invoke URL. You will use it in the next section.

Task 5. Update the Website Config

visit /js/config.js under the base URL for your website and choose File, then choose Save Page As from your

browser.

Open the config.js file in a text editor.

Update the invokeUrl setting under the api key in the config.js file. Set the value to the Invoke URL for the deployment
stage your created in the previous section.

An example of a complete config.js file is included below. Note, the actual values in your file will be different.

window._config = {
cognito: {
userPoolId: 'us-west-2_uXboG5pAb', // e.g. us-east-2_uXboG5pAb
userPoolClientId: '25ddkmj4v6hfsfvruhpfi7n4hv', // e.g. 25ddkmj4v6hfsfvruhpfi7n4hv region: 'us-west-2' // e.g. us-
east-2
},
api: {
invokeUrl: 'https://rc7nyt4tql.execute-api.us-west-2.amazonaws.com/prod' // e.g. https://rc7nyt4tql.execute-api.us-
west-2.amazonaws.com/prod,
}
};
Save your changes locally.
In the AWS Management Console, choose Services then select S3 under Storage.
Navigate to the website bucket and then browse to the js key prefix.
Choose Upload.
Choose Add files, select the local copy of config.js and then click Next.
26
Choose Next without changing any defaults through the Set permissions and Set properties sections.

Choose Upload on the Review section.

27
28