Lab2_VPC
School: Northern Kentucky University
Course: 285
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 6
CIT 438 Cloud Computing
Lab#02: Virtual Private Cloud (VPC)
In this lab, you will study the Virtual Private Cloud (VPC). You will use the AWS CLI to build a VPC.
Tools and Materials
1. One CentOS VM on the vSphere server
2. AWS credentials
3. AWS CLI
4. Ubuntu Server 20.04 LTS AMI: ami-09e67e426f25ce0d7
Note: You need to replace words in italics with your information.
Part 1 Create a VPC and a subnet
1. Log in to your VM as cit438. Switch to root. Create a VPC via the following command:
aws ec2 create-vpc --cidr-block 10.6.8.0/26
What is the output? What is VpcId?
The information about the VPC is the output; my VpcId is vpc-03ae197d2f16f855c
2. Create a subnet in the VPC created at step 1 via the following command:
aws ec2 create-subnet --vpc-id your_VpcId --cidr-block 10.6.8.0/28 --availability-zone us-east-1a
What are your command and its output? What is SubnetId? How many IP addresses are there in your subnet?
The command sets up the subnet, and its output is details about the subnet and what it consists of. The SubnetId is subnet-08c098e8382995721, and I have 11 IP addresses.
3. Create an internet gateway for your VPC with the following command:
aws ec2 create-internet-gateway
What is the internet gateway? What is the output? What is InternetGatewayId?
A component that allows communication between instances in your VPC and the internet. The output is my userId and the InternetGatewayId; my GatewayId is igw-0981130380d3099ee
4. Attach the internet gateway to your VPC to enable connectivity between the internet and your VPC with the following command:
aws ec2 attach-internet-gateway --vpc-id your_VpcId --internet-gateway-id your_InternetGatewayId
What is your command?
aws ec2 attach-internet-gateway --vpc-id vpc-03ae197d2f16f855c --internet-gateway-id igw-0981130380d3099ee
5. Create a route table for your VPC with the following command:
aws ec2 create-route-table --vpc-id your_VpcId
What are your command and its output? What is RouteTableId?
aws ec2 create-route-table --vpc-id vpc-03ae197d2f16f855c; the output is the route table and its contents, such as its Id, which is rtb-080f2d99f620cee78
6. Create a networking route in your route table within your VPC with the following command:
aws ec2 create-route --route-table-id your_RouteTableId --destination-cidr-block 0.0.0.0/0 --gateway-id your_InternetGatewayId
What are your command and its output?
aws ec2 create-route --route-table-id rtb-080f2d99f620cee78 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-0981130380d3099ee; it returned true
7. Verify your route has been created and is active with the following command:
aws ec2 describe-route-tables --route-table-id your_RouteTableId
What are your command and its output?
aws ec2 describe-route-tables --route-table-id rtb-080f2d99f620cee78; the output is a description of the route table we just set up
8. Associate the subnet with the route table in your VPC with the following command. This association causes traffic from your subnet to be routed according to the routes in your route table.
aws ec2 associate-route-table --subnet-id your_SubnetId --route-table-id your_RouteTableId
What are your command and its output?
aws ec2 associate-route-table --subnet-id subnet-08c098e8382995721 --route-table-id rtb-080f2d99f620cee78; the output is the associationId
9. Modify the public IP addressing attribute with the following command so that the EC2 instance launched into your subnet automatically receives a public IP address.
aws ec2 modify-subnet-attribute --subnet-id your_SubnetId --map-public-ip-on-launch
What are your command and its output?
aws ec2 modify-subnet-attribute --subnet-id subnet-08c098e8382995721 --map-public-ip-on-launch; there was no output.
10. Do the following steps to test whether the VPC, subnet, and routing table you created at the previous steps function.
Create a security group via the following command:
aws ec2 create-security-group --group-name your_username --description "my security group" --vpc-id your_VpcId
What is your security group Id?
Id is sg-0fe9eb587b80eb52d
Add a rule, which allows incoming traffic over port 22 for SSH, to the security group with the following command:
aws ec2 authorize-security-group-ingress --group-id your_security_group_id --protocol tcp --port 22 --cidr 0.0.0.0/0
If you want to reuse the key pair that you created in lab 1, then you can skip this step. Create a key pair with the following command (you may need to run "aws ec2 delete-key-pair --key-name your_username-key" to delete your key file first and then recreate a new key file):
aws ec2 create-key-pair --key-name your_username-key --query 'KeyMaterial' --output text > devenv-key.pem
Modify permissions to the devenv-key.pem file with the following command so that only you can access it:
chmod 400 devenv-key.pem
Launch an EC2 instance into your VPC with the following command:
aws ec2 run-instances --image-id ami-09e67e426f25ce0d7 --count 1 --instance-type t3.micro --key-name your_username-key --security-group-ids your_security_group_id --subnet-id your_SubnetId
Use the SSH command to log into your instance and then run "ping google.com".
What are the first 5 lines of the output?
They are pings from google.com
Before moving on to the next session, exit out of your EC2 instance by typing exit. You will need to exit twice if you made yourself root using sudo.
Terminate your instance with the following command:
aws ec2 terminate-instances --instance-ids your_InstanceId
Part 2: NACL (Network Access Control List)
11. Find out the default NACL for your subnet with the following command:
aws ec2 describe-network-acls --region us-east-1 --output table --query 'NetworkAcls[*].NetworkAclId' --filters Name=association.subnet-id,Values=your_SubnetId
Note: make sure there is no space in Key=Value, i.e. Values=subnetid. There cannot be any space after the equals sign; otherwise you will get an error, e.g.
aws ec2 describe-network-acls --region us-east-1 --output table --query 'NetworkAcls[*].NetworkAclId' --filters Name=association.subnet-id,Values= subnet-0d61567a0ae6da699
Error parsing parameter '--filters': Expected: '=', received: 'EOF' for input:
subnet-0d61567a0ae6da699
What is your network ACL Id?
Acl-0c1cc4836d57lea4e
12. Describe your network ACL with the following command:
aws ec2 describe-network-acls --network-acl-ids your_network_acl_id
What are your command and its output? Please explain the ACL rules in the output.
aws ec2 describe-network-acls --network-acl-ids Acl-0c1cc4836d57lea4e; the output is the network ACL, and the rule action is allowed with a rule number 100, and the rule is denied at rule number 32767
13. Create an instance in your subnet with the following command:
aws ec2 run-instances --image-id ami-05c9c0fab0c0bb43e --count 1 --instance-type t1.micro --key-name your_username-key --security-group-ids your_security_group_id --subnet-id your_SubnetId
What is the public IP address of your instance?
10.6.8.6
14. Can you use ssh to log into your instance? If you’re logged into your instance, you need to exit out of your instance for the next step.
15. Create an entry (a rule) in your network ACL with the following command:
aws ec2 create-network-acl-entry --network-acl-id your_network_acl_id --ingress --rule-number 80 --protocol tcp --port-range From=22,To=22 --cidr-block 0.0.0.0/0 --rule-action deny
What is your command? What is the rule?
aws ec2 create-network-acl-entry --network-acl-id Acl-0c1cc4836d57lea4e --ingress --rule-number 80 --protocol tcp --port-range From=22,To=22 --cidr-block 0.0.0.0/0 --rule-action deny; the rule action is deny, and the number is 80.
16. Verify if the new rule is added to the default NACL with the following command:
aws ec2 describe-network-acls --network-acl-ids your_network_acl_id
17. Can you use ssh to log into your instance? If not, why?
You can’t because of the rules.
18. Remove the rule you added in step 15 with the following command:
aws ec2 delete-network-acl-entry --network-acl-id your_network_acl_id --ingress --rule-number 80
19. Verify if the rule is removed with the following command:
aws ec2 describe-network-acls --network-acl-ids your_network_acl_id
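A small simulator of how a network ACL evaluates inbound rules, added here as an example (not part of the lab handout) to make steps 12, 15, 17 and 20 concrete: rules are evaluated in ascending rule-number order, the first match wins, and the unnumbered "*" rule (32767, deny) catches everything else. The rule sets are constructed from the numbers the lab shows (100 allow, the step-15 deny at 80); the simulator models only the inbound direction the lab changes.

```shell
#!/bin/bash
# Added example, not part of the lab handout: simulates NACL inbound rule
# evaluation. Rules are tried in ascending rule-number order and the first
# match wins; if none matches, the catch-all "*" rule (32767, deny) applies.
# NACLs are stateless; only the inbound direction the lab edits is modelled.
# One rule per line: "<number> <protocol|all> <from-port> <to-port> <allow|deny>"
DEFAULT_INBOUND="100 all 0 65535 allow"   # what step 12 shows: 100 allow, * deny
STEP15_RULE="80 tcp 22 22 deny"           # the entry added in step 15

# with_rule "<rules>" "<rule>": append one rule to a rule set
with_rule() { printf '%s\n%s' "$1" "$2"; }

# nacl_decision "<rules>" <protocol> <port>: prints "allow|deny (rule N)"
nacl_decision() {
  rules=$1; proto=$2; port=$3
  while read -r num p from to action; do
    [ -n "$num" ] || continue                       # skip blank lines
    if [ "$p" = all ] || [ "$p" = "$proto" ]; then
      if [ "$port" -ge "$from" ] && [ "$port" -le "$to" ]; then
        echo "$action (rule $num)"; return 0        # first match wins
      fi
    fi
  done <<EOF
$(printf '%s\n' "$rules" | sort -n)
EOF
  echo "deny (rule 32767)"                          # the implicit * rule
}

echo "step 14, default NACL, SSH:  $(nacl_decision "$DEFAULT_INBOUND" tcp 22)"
WITH_DENY=$(with_rule "$DEFAULT_INBOUND" "$STEP15_RULE")
echo "step 17, after rule 80, SSH: $(nacl_decision "$WITH_DENY" tcp 22)"
echo "step 17, after rule 80, 443: $(nacl_decision "$WITH_DENY" tcp 443)"
echo "step 20, rule 80 removed:    $(nacl_decision "$DEFAULT_INBOUND" tcp 22)"
# The rule number matters: the same deny numbered above 100 never takes
# effect, because rule 100 matches first.
echo "deny numbered 200 instead:   $(nacl_decision "$(with_rule "$DEFAULT_INBOUND" "200 tcp 22 22 deny")" tcp 22)"
```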
20. Can you use ssh to log into your instance? If yes, why?
We can because we changed back the rules.
Part 3: Cleanup
21. Terminate your instance. What is your command?
aws ec2 terminate-instances --instance-ids i-0b8095666ec947692
Clean Up:
Run the following commands to remove all created components.
aws ec2 delete-security-group --group-id security group id from step 10
aws ec2 disassociate-route-table --association-id association Id from step 8
aws ec2 delete-route-table --route-table-id route table id from step 5
aws ec2 detach-internet-gateway --internet-gateway-id internet gateway id from step 3 --vpc-id vpc id from step 1
aws ec2 delete-subnet --subnet-id subnet id from step 2
aws ec2 delete-vpc --vpc-id vpc id from step 1
What are your commands?
aws ec2 delete-security-group --group-id sg-0fe9eb587b80eb52d
aws ec2 disassociate-route-table --association-id Acl-0c1cc4836d57lea4e
aws ec2 delete-route-table --route-table-id rtb-080f2d99f620cee78
aws ec2 detach-internet-gateway --internet-gateway-id igw-0981130380d3099ee --vpc-id vpc-03ae197d2f16f855c
aws ec2 delete-subnet --subnet-id subnet-0d61567a0ae6da699
aws ec2 delete-vpc --vpc-id vpc-03ae197d2f16f855c
Submission instruction
After completing this work, submit this Word document with your answers to Canvas. In your Word document, your answers should be in bold print. At the end of your Word document, you should write a few sentences that explain the goals of this lab and a paragraph or two that summarizes (at a high level) the steps one needs to take in order to complete those goals.
Overall, the lab is designed to give a comprehensive, hands-on understanding of VPCs in AWS, covering creation, configuration, security, and management aspects. This knowledge is vital for anyone aiming to build secure and efficient cloud-based systems.