CIS Cloud
Project Objectives
Upon completion of this project, you will be able to:
1. Experience the communication challenges faced when attempting to apply technology as the
solution to business problems.
2. Translate customer requirements into a proposed technical solution.
3. Present the proposed solution to the customer.
Project Instructions
Some thoughts on this project:
NOTE: This project does not require you to utilize an AWS account. However, if you would
like to build any components of your solution, to be used as part of your presentation, you
could do so in the Sandbox environment.
The purpose of this project is to give the students an opportunity to apply what they learned in
the Cloud Computing Course. Each group of students is required to use AWS in their project’s
proof of concept implementation.
A Medical Company is a startup software as a service (SaaS) company. It has built an online
medical social networking and diagnosis assistance application for users in APAC, the US, and
Europe.
A Medical Company has hired you to architect an infrastructure in AWS to meet their
application needs. In preparation for your meeting with them, they provided information about
their current environment.
• Deployed its current development and test infrastructure with a server hosting company.
• Uses Microsoft Windows servers to host their web and application tiers with Microsoft SQL
Server Standard Edition backend databases.
• The application launch date is coming soon, and they expect many users to start using the
application.
• Believes it would be best to use cloud technologies to support its rapid growth.
• Thinks the new cloud platform could host the development, test, and production environments.
For your preparations, the customer provided this diagram of their current architecture.
• Web Tier
• High Availability Proxy load balancer used to balance traffic between the web servers
• Application Tier
• High Availability Proxy load balancer used to balance traffic between app servers
• Database Tier
• DBAs access and manage the database, but no RDBMS or advanced configuration is
required.
You have returned to the office with your teammates to discuss A Medical Company’s requirements.
Now, it is time to turn all of the requirements into a solution design.
For ease of use, the customer requirements have been integrated with the solution design worksheets
that can be used to document your solution.
2. Building networks that conform to AWS best practices while providing all the necessary
network services to the application in their different environments.
5. Utilizing load balancers for web tier and application tier that must support HTTP, HTTPS,
TCP protocols plans to move their application into AWS.
Identify the POTENTIAL services needed and the purpose for each service that will be used to
move A Medical Company’s current environment to AWS. Use the following list to identify the
services.
AWS empowers health organizations to improve patient outcomes and accelerate the
digitization and utilization of their data with the broadest and
deepest portfolio of cloud services and purpose-built partner solutions.
Amazon is made to enable suppliers, ISVs, and application providers to swiftly and
securely host their apps, whether they are SaaS-based or not.
To access AWS's application hosting platform, use the AWS Management Console or
well-documented web services APIs.
When signing in to the console, each administrator is required to provide a user name, a
password, and a randomly generated code provided by the Virtual MFA.
All other users should only have AWS Management Console access, using a combination of
user name and password.
Password Policy:
Use this chart to document users, groups, and roles that need to be created.
Group A combined
Group B combined
Group C combined
Role X separated
Requirement Solution
1. Networks that conform to AWS best practices while providing all the necessary
network services to the application in their different environments.
4. Load balancers for web tier and application tier that must support HTTP,
HTTPS, TCP protocols plans to move their application into AWS.
Control access to the application and limit public entry points. Note: There should
be no external access to the application or database tiers.
The web tier load balancer can receive requests from the Internet on port 443.
Web tier servers can receive requests from the web tier load balancer only on port
443.
The Application Load Balancer can receive requests from the application tier load
balancer only on port 443.
Database servers can receive requests from application servers only on port 1433.
1 #1 Public 1 13244
2 #1 Public 2 64474
3 #1 private 3 32636
4 #1 private 4 25326
AW #2 Public 1 13124
FH #2 Public 2 25536
IK #2 private 3 68699
GT #2 private 4 25523
UH #2 Public 3 23535
ER #2 Public 6 79757
TR #2 private 7 35366
EB #2 private 8 35326
The current architecture has three tiers: a web tier, a database tier, and an application tier. They
are configured as follows:
• Web Tier
• High Availability Proxy load balancer used to balance traffic between the web
servers
• Application Tier
• High Availability Proxy load balancer used to balance traffic between app servers
Instance Names:
• All web tier instance names should be tagged as Key = Name and value = web-tier.
Load balancers for web tier and application tier must support:
• HTTP
• HTTPS
• TCP protocols
Use this chart to describe the type, size, and justification for the instances you will use for each
tier.
web-elb-
Web web-elb 1 2 1 2 2432
sg
Web tier load balancer receives requests from the Internet on port 80.
Application tier load balancer can only receive requests from web tier servers, on port 8080.
Web tier servers can only receive requests from the web tier load balancer, on port 80.
Application tier servers can only receive requests from the application tier load balancer, on port 80.
Database servers can only receive requests from application tier servers, on port 1433.
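The following is an added example, not part of the original project guide: a small Python audit that checks a planned security-group layout against the port 80 / 8080 / 1433 rule chain listed directly above. Only web-elb-sg is a name taken from this page; the other group names and the sample plan are hypothetical and constructed for illustration.

```python
# Added example: audit a planned security-group layout against the tier rules above.
# Only web-elb-sg is named on the page; the other group names are hypothetical.
INTERNET = "0.0.0.0/0"

# group -> the single (port, source) ingress rule the requirements allow
REQUIRED = {
    "web-elb-sg": (80, INTERNET),
    "web-sg": (80, "web-elb-sg"),
    "app-elb-sg": (8080, "web-sg"),
    "app-sg": (80, "app-elb-sg"),
    "db-sg": (1433, "app-sg"),
}


def is_cidr(source):
    """A source containing '/' is an address range, not a security-group reference."""
    return "/" in source


def audit(plan):
    """Return a list of findings; an empty list means the plan matches the rules."""
    findings = []
    for group, allowed in REQUIRED.items():
        rules = set(plan.get(group, []))
        if allowed not in rules:
            findings.append(f"{group}: missing {allowed[0]} from {allowed[1]}")
        for port, source in sorted(rules - {allowed}):
            if is_cidr(source) and group != "web-elb-sg":
                why = "address-range source on an internal tier"
            elif source != allowed[1]:
                why = "unexpected source"
            else:
                why = "unexpected port"
            findings.append(f"{group}: {port} from {source} ({why})")
    for group in sorted(set(plan) - set(REQUIRED)):
        findings.append(f"{group}: group not in the design")
    return findings


# Constructed sample plan containing three common mistakes.
SAMPLE_PLAN = {
    "web-elb-sg": [(80, INTERNET)],
    "web-sg": [(80, "web-elb-sg"), (3389, INTERNET)],    # RDP open to the Internet
    "app-elb-sg": [(8080, "web-sg")],
    "app-sg": [(80, "web-sg")],                          # bypasses the app load balancer
    "db-sg": [(1433, "app-sg"), (1433, "10.0.0.0/16")],  # whole VPC can reach SQL Server
}

if __name__ == "__main__":
    for line in audit(SAMPLE_PLAN):
        print(line)
```

Referencing the previous tier's security group as the source, rather than a subnet or VPC address range, is what keeps each tier reachable only from the tier in front of it.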
Microsoft Windows cannot open port 80 or other ports by default, and there is no IIS installed by
default in Microsoft Windows 2016 Base. If you configure using port 80 (TCP or HTTP) to
detect the ELB health status, you need to install IIS by using user data when launching an
instance, downloading from the website, or using a PowerShell script.
Use this chart to describe the load balancer and instance security group details.
Load Balancer | Name* | External/Internal | Subnets | SG Name* | Rule | Source
The new architecture should be designed for business continuity and resiliency.
• The web and application tiers should be resilient and designed for
business continuity.
Tier | OS | Type | Size | Configuration Name* | Role | Security Group
Tier | Launch Configuration* | Group Name* | Group Size | VPC | Subnets | ELB | Tags
Web | WebTier | WebTier | 1 | 2 | 235 | 244 | 1132
2. Log the event history of AWS account activity, including actions taken
through the AWS Management Console, AWS SDKs, command line
tools, and other AWS services.
Administrators must be able to track every AWS service related action in the account.
• Instructor and/or peer feedback will help you enhance your strengths and
improve your weaknesses for future design meetings with customers.
3. You will be allotted 20 minutes to present your solution and an additional 5 minutes for
the instructor and/or class to ask questions regarding the design, the chosen services,
and/or how the solution was determined.
4. NOTE: The presentations should follow the outline of the actual project. See the project
guide for additional information.
• Architecture alignment with and deviations from the current server hosting company.
• Utilizing load balancers for web tier and application tier that support HTTP, HTTPS,
TCP protocols.
1. Cover Page:
Create a cover page for your report that shows: course code and title; assignment title;
project name; team members’ names; faculty mentor’s name. Your report must include page
numbers on all pages.
2. Project introduction:
Write an introduction of 100+ words that provides a technical background about your project
and highlights the main design decisions.
3. Planning Phase:
Use this section to detail all solutions of the above sections, identify the project member who did
each task, and present the role of each member of the team. Provide in-depth reflection of
teamwork and individual contribution.
4. Project Architecture
Use this section to provide a diagram, created with draw.io, of the project architecture with all
components. You can refer to this video for more instructions about using draw.io with AWS
architecture (https://youtu.be/OSHirDvZcn4).
This part of the report must reflect the design and proof of concept implementation in-depth, and
must focus on AWS architecture components such as EC2, ELB, VPCs, IAM, RDS, etc. You
must provide screenshots of the implemented tasks.
Keep graphics simple and ensure that copyrights are not infringed
Add text to the notes section that provides guidance for the presentation
View your presentation in the final presentation mode to ensure everything appears on
screen as intended
2 Introduction (Max 2 Marks)
The project’s objectives are clearly stated. Design decisions are well established by relating the current project problems: 0-2
An accurate and complete explanation of
Not included: 0
4.2 List of all used AWS components (Max 5 Marks)
Not included: 0
Included but at most two components are missing: 2-3
All relevant services are included in the plan: 4-5
4.3 Project VPC (Max 10 Marks)
Not included: 0
Proper VPCs design but wrong number of subnets: 4-6
Not included: 0
4.6 Security group details (Max 10 Marks)
Not included: 0
Correct use of security groups but wrong ports and source of traffic: 4-6
Correct use of security groups and correct ports and source of traffic are configured: 8-10
4.7 Business Continuity (Max 10 Marks)
Not included: 0
Proper configuration of Auto Scaling groups but with wrong size, role and security group: 4-6
Proper configuration of Auto Scaling groups correct size, role and security group: 8-10
5.1 Project Design (Max 20 Marks)
Not included: 0
The project design is not complete, only two services are presented without having relevant link to the proposed plan: 0-5
Not included: 0
Not included: 0