AWS Academy Cloud Architecting 2.x – Capstone Project

AWS Academy Cloud Architecting 2.x – Capstone Project

Environment Overview

Environment Navigation

Access the AWS Management Console

Using the terminal in the browser

Project Overview

Introducing the Example Social Research Organization

Solution requirements

Project deliverables

Assets for completing the project

Environment Overview

This environment is long-lived. When the session timer runs to 0:00, the session will end, but any data and resources that you created in the AWS account will be retained. Any running resources (such as an EC2 instance) will be stopped. If you later launch a new session (for example, the next day), you will find that your work is still in the lab environment. However, you will need to manually start any stopped resources. You can continue to develop your solution as you progress through the course materials.

 IMPORTANT: Monitor your lab budget in the lab interface above. Whenever you have an active lab session, the remaining budget will display at the top of this screen. For this Capstone Project environment, the limit is $40. If you exceed your lab budget your lab account will be disabled and all progress and resources will be lost. Therefore, it is important for you to manage your spending. Suggestions to avoid overspending: Launch only the number of instances you need, sized to your requirements. Stop EC2 and RDS instances when not in use. Delete no longer needed resources and data.

Environment Navigation

Use the  Readme link above to return to these instructions at any time.

Use the  AWS Details link above to access information about your environment.

After you start the lab, the AWS Details panel will display and you will need to choose Readme to return to these instructions.

 Tip: you can resize this panel at anytime by dragging the bar to the left of these instructions to make it wider or narrower.

Use the  Reset link above if you ever want to reset your AWS account back to the way it was in the beginning, before you ever ran sessions of this lab environment.  CAUTION: if you choose reset and then choose Yes to confirm that you do want to reset, you will permanently delete everything that you have created or stored in the AWS account.

The terminal window to the left of these instructions can be used to run AWS CLI commands or code such as AWS SDK for Python code (details provided below).

Access the AWS Management Console

  1. At the top of these instructions, choose
    Start Lab to start the lab session.
    • The lab session is started and session information is displayed.
    • A timer above shows the time remaining in the session.
      Tip: You can refresh the session length at any time by choosing Start Lab again before the timer reaches 0:00.
  1. Choose the  Readme link to return to these instructions.
  1. Connect to the AWS Management Console by choosing the AWS link above the terminal window.
    • You should be connected to the AWS Management Console.
      Tip: If a new browser tab does not open, a banner or icon is usually at the top of your browser with the message that your browser is preventing the site from opening pop-up windows. Choose the banner or icon, and then choose Allow pop-ups.
      Tip: if you are interested in interacting with the AWS account programmatically, read the Configuring and using the terminal in the browser section below for details.

Using the Terminal in the browser

A terminal window displays to the left of these instructions. The terminal provides access to a Linux shell on a server that exists outside of the AWS account that you use when your lab is running. Credentials are configured on the server that provide the same level of AWS service access via the terminal that you also have via the AWS Management Console.

Project overview

This project provides you with an opportunity to demonstrate the solution design skills that you develop throughout this course. Your assignment is to design and deploy a solution for the following case.

By the end of this project, you should be able to apply the architectural design principles that you learned in this course to:

  • Deploy a PHP application that runs on an Amazon Elastic Compute Cloud (Amazon EC2) instance
  • Create a database instance that the PHP application can query
  • Create a MySQL database from a structured query language (SQL) dump file
  • Update application parameters in an AWS Systems Manager Parameter Store
  • Secure the application to prevent public access to backend systems

Introducing the Example Social Research Organization

Example Social Research Organization is a (fictitious) nonprofit organization that provides a website for social science researchers to obtain global development statistics. For example, visitors to the site can look up various data, such as the life expectancy for any country in the world over the past 10 years.

Shirley Rodriguez, a researcher at the organization, developed the website. She thought it would be valuable to share the data that she had gathered with other researchers. Shirley stores the data in a MySQL database, and the data is available through a PHP website that she built. She initially published the site through a commercial hosting company that provides limited support for technical issues and security.

Over the past year, Shirley’s website has grown in popularity. As a result of increased traffic, she started receiving complaints that the site is not as responsive as it used to be. She also experienced an attempted ransomware security breach. The security breach was unsuccessful, but her supervisor, Mateo Jackson, suggested that Shirley investigate new ways to host the website.

Shirley heard about Amazon Web Services (AWS), and initially moved her website and database to an EC2 instance that runs in a public subnet. She also runs an instance of MySQL on the same EC2 instance.

Shirley approached your team to make sure that her current design follows best practices. She wants to make sure that she has a robust and secure website. One of your colleagues started the process of migrating the site to a more secure implementation, but they were reassigned to another project. Your tasks are to complete the implementation, make sure that the website is secure, and confirm that the website returns data from the query page.

The following summary lists the solution requirements, and provides a diagram of the current environment.

Solution requirements

  • Provide secure hosting of the MySQL database
  • Provide secure access for an administrative user
  • Provide anonymous access to web users
  • Run the website on a t2.small EC2 instance, and provide Secure Shell (SSH) access to administrators
  • Provide high availability to the website through a load balancer
  • Store database connection information in the AWS Systems Manager Parameter Store
  • Provide automatic scaling that uses a launch template

The following parameters are used by the PHP application to connect to the database:

  • /example/endpoint
  • /example/username
  • /example/password
  • /example/database

 These parameter values are case sensitive.

Project deliverables

To complete this assignment, you must:

  • Deploy a PHP application that meets the system requirements outlined above
  • Submit a diagram that illustrates your solution
  • Submit a written summary of the design decisions that you made to achieve the result

Assets for completing the project

You can use the following assets for this project:

Steps to solve :

1. Create database in RDS
DB Name : dbcountry
User Name : admin
Password : paswdDb#123

2. Check security group : ALBSG, Bastion-SG, Example-DB , and Inventory-App

3. Create a new keypair: vockey2 (for ssh passthrough)

4. Create an EC2-Instance Web Application. --> private subnet

5. Create a Parameter Store in System Manager

6. Access the Web Application Instance via Bastion Host, and make sure the Web Server Instance we can access the internet. Ping test to

7. Install Apache Web Server (httpd) and Mysql in the Web Application Instance, with the following command-line: 
# sudo su
# yum install -y httpd mysql
# amazon-linux-extras install -y php7.2

8. Download SQL Dump, with command-line following : 

9. Download Web source code App, with the following command-line: 

10. extract the Web App source and copy it to the /var/www/html directory, with the following command-line: 
unzip -d /var/www/html/

11. enable and start the httpd service, with the following command-line: 
# systemctl enable httpd
# systemctl start httpd

12. test connection to RDS and check existing database on RDS :
# mysql -u admin -p --host

13. import data to database :
mysql - u admin -p --host dbcountry < Countrydatadump.sql

14. Create AMI from Web Application Instance

15. Create Target Group

16. Create Load Balancers

17. Create Launch Template

18. Create Auto Scaling Group

19. Test Web App access via Load Balancer url

You may also like...

4 Responses

  1. Aws Student says:

    I watched all your videos related to aws and all of them helped me a lot ??. But I’m unable to complete the caspton 2.x project ????. Please help me . Connect with me through Instagram or Facebook ??. Message me ur Instagram or FB id or Whatsapp number.

  2. CC says:

    What can I do if my parameter store is Restricted? is there another approach to finish the capstone without configuring the parameter store? Your video helped me a lot, but I can’t do that part.

  3. Julian says:

    Hello I am stuck at the Putty console step when trying to ping Nothing happens and when exited the ping fails.

Leave a Reply

Your email address will not be published. Required fields are marked *