
Sample Assignment

The team developed a cloud architecture solution for Lola Social Research Organization using AWS services. The solution included setting up a VPC with public and private subnets connected to an internet gateway and NAT gateway. Within the VPC, the team deployed an inventory application on EC2 instances behind an ALB, along with a primary RDS database and read replica in separate private subnets. The total estimated monthly cost for the AWS services was $99.37. The team worked collaboratively using AWS services like EC2, RDS, S3, and more to deploy the solution and meet the client's requirements for scalable data storage and website expansion.

Uploaded by

jaden


Table of Contents
Introduction
1.0 Cloud Architecture Solution
2.0 Pricing Cost
3.0 Cloud Environment (Capstone Project) and teamwork methodology to develop the cloud project.
3.1 Capstone Project/ AWS Learners Lab
3.2 How the team work together to complete the project.
3.3 Web Services Deployed
3.4 Project Challenges and limitation
4.0 Cloud Infrastructure
4.1 Virtual Private Cloud (VPC)
4.2 Subnets
4.3 Route Tables
4.4 Internet gateway
4.5 NAT gateway
4.6 Elastic IP Address
5.0 Final Outcome
Section B: Individual Work (Individual Report)
6.0 Security - (Anesh Krishna TP048927)
6.1 Security Group
6.1.1 Inventory-App
6.1.2 Example-DBSG
6.1.3 Bastion-SG
6.1.4 ALBSG
7.0 Deployment – (Theebhan TP051052)
7.1 EC2
7.2 SSH Command
7.3 Running website on an instance.
Amazon Machine Image (AMI)
7.4 RDS
7.5 Parameter Store
8.0 High Availability/Scalability (Lim Kan Zheng TP064960)
8.1 Web Application
8.2 High Availability
9.0 Data Migration (Tan Jia Sin TP042191)
9.1 RDS
9.2 MYSQL
9.3 SSH Command
9.4 S3 Bucket
Appendix
Work Breakdown Structure
References

Introduction

Amazon Web Services (AWS) remained the world's leading cloud service provider in 2022, with 32% of
the market. AWS is known for the web services it provides, including servers, storage, networking,
and cloud computing. Mostly, it provides enterprise web services that scale for any type of
business; startups that want a cloud service will find tools available to help them. AWS also has
a data migration service in which it brings its own snow machine to help customers transfer their
data to the cloud; the solution provided depends on the organization's scale and helps the
customer transition online (PAGE, 2022).

Lola Social Research Organization is an NGO that shares a variety of global development
statistics. The organization also provides life expectancy data for all countries. It has
collected so much data over the past 15 years that its current solution does not have enough
storage to expand along with the website. It needs a solution that lets it expand its cloud
storage as the organization grows and collects more data. AWS will be the best solution for its
needs.

1.0 Cloud Architecture Solution

Figure 1

The group decided that the figure above is the final design of the architecture. The red-outlined
boxes in the figure represent the security groups that control inbound traffic in the network
architecture. Each security group uses a different port from the others, and the ALB is the
component responsible for inbound traffic on any port. In other words, each group has its own
port and its own set of rules to protect itself. The Primary RDS and Replica RDS are connected to
the Inventory application role, and the Inventory application role is connected to Parameter
Store. The figure also shows that the database security group spans two different private subnets.

2.0 Pricing Cost

The figure below shows the estimated cost that the Lola Social Research Group needs to pay to keep
presenting and collecting data for its website. In total, the organization needs to pay 99.37 USD
per month. Amazon Aurora MySQL-Compatible is estimated at 51.83 USD per month. Amazon EC2 costs
the organization 10.67 USD. The last item is Elastic Load Balancing (ELB), for which the
organization must pay 36.87 USD. The RDS in Figure 2 will cost 29.43 a month.

Figure 3

Figure 2

3.0 Cloud Environment (Capstone Project) and teamwork methodology to develop the cloud project.

Figure 4

Capstone is a software engineering and cloud technology company that specializes in delivering
solutions to clients. In this project, Capstone is used to demonstrate the skills and design for
this project. The client is able to launch the program using a PHP app running on Amazon EC2 when
the program is ready to be used at the end of the project (Project, 2022). The MySQL database is
created from a SQL dump file, and it is a database that the PHP programmer can access. AWS comes
with a feature that enables the programmer to protect the application by restricting some of the
access from the backend system, by changing some of the settings in the Systems Manager Parameter
Store (Lu, 2022).

It all begins with setting up the RDS DB. A Virtual Private Cloud (VPC), created with the Amazon
VPC service, is used to establish this. A default security group is provided with a VPC when it is
created, and additional security groups can be created for each VPC. A security group can only be
associated with resources in the VPC for which it was created. Here, 2 Availability Zones are used
in the DB subnet group that was selected for the DB instance. This brings me to the next topic,
which is the security group. The security group is made by the Amazon VPC service. A security
group controls the traffic that comes in and out. For instance, a security group controls the
instance's inbound and outbound traffic when it is associated with an EC2 instance (Arun, 2022).

Hosting a reliable MySQL database is one of the most important things for a capstone project. In
this project, a secure login page for the admin and anonymous access are also provided. This makes
it very secure, as only an admin, and not an anonymous user, is able to change or modify the
program.

3.1 Capstone Project/ AWS Learners Lab

Figure 5

Based on Figure 5, we can see that this project works on Capstone. Details like Load Balancer
type, IP address type, DNS name, Scheme, status, availability zone, VPC and hosted zone are all
shown here.

3.2 How the team work together to complete the project.

Our team decided to carry out this project by discussing it online on an application called
Discord, as it has good video and voice quality. This is because one of our group members is
currently not in town, as he is in Sabah; thus, we decided to discuss the entire project online.
Tasks were delegated using a workload matrix for the team. A workload matrix has been around for
centuries to keep projects on track and systematic. It brings an efficient system for distributing
the work across the team. The ultimate objective is to reduce idle time, eliminate duplicate work,
and boost employee morale by maximizing the collective output of the team, which is why our team
decided to choose this methodology.

3.3 Web Services Deployed

Web services are applications that are accessible over the internet and use a standardized
messaging system to exchange data between different devices and systems. Amazon Web Services
(AWS) is a cloud computing platform that provides a wide range of services for building,
deploying, and managing web services.

AWS offers a variety of tools and services that make it easy to develop, deploy, and manage
web services. The AWS Elastic Beanstalk service allows developers to quickly deploy and scale
web applications without worrying about the underlying infrastructure. The AWS Lambda service
allows developers to run code without managing any servers, and the AWS API Gateway service
makes it easy to create and manage APIs for web services.

One of the main advantages of using AWS for web service deployment is the ability to
scale the service quickly and easily. AWS allows developers to automatically add or remove
resources such as computing power, storage, and network bandwidth based on the needs of the
web service. This means that web services deployed on AWS can handle fluctuations in traffic and
usage without any downtime or performance degradation.

Another advantage of AWS is the security it provides for web services. AWS offers a range
of security features such as encryption, authentication, and access control to help protect web
services and their data. AWS also has a robust compliance program that ensures that web services
deployed on the platform meet the requirements of various industry standards and regulations.

In conclusion, AWS is a powerful and flexible platform for deploying web services. Its
ability to scale web services quickly and easily, along with its robust security features, make it an
attractive option for developers looking to build and manage web services.

Deploying a Dynamic PHP website using AWS EC2

To deploy a website on AWS EC2 (Elastic Compute Cloud), developers need to follow these steps:

1. Sign up for an AWS account and create a new project on the AWS Management Console.
2. Choose the EC2 service and select the desired instance type and configuration. This will
determine the computing power, storage, and network bandwidth available for the website.
3. Set up the EC2 instance by configuring the operating system, security settings, and
networking options.
4. Install and configure the necessary software and tools on the EC2 instance, such as a web
server (e.g., Apache or Nginx), a database server (e.g., MySQL or PostgreSQL), and any
other dependencies.
5. Transfer the website files and data to the EC2 instance, either using an FTP client or by
using AWS tools such as AWS Transfer for SFTP.
6. Configure the web server and any other necessary services to serve the website files and
handle requests from users. This may involve setting up virtual hosts, routing rules, and
other options.
7. Test the website to make sure it is working correctly on the EC2 instance.
8. Set up a domain name and DNS records to point to the EC2 instance, so that users can
access the website using the domain name instead of the IP address.

Overall, deploying a website on AWS EC2 involves setting up the EC2 instance, installing and
configuring the necessary software, transferring the website files and data, and configuring the
web server and other services to serve the website to users.

3.4 Project Challenges and limitation

One potential challenge that a group might face when working on a cloud infrastructure
project is a lack of familiarity with cloud computing technologies and best practices. Building and
managing a cloud infrastructure requires specialized knowledge and skills, and if team members
do not have the necessary experience or expertise, it can be difficult to design and implement an
effective solution.

Another challenge that a group might face is managing the budget for the project. Building
and maintaining a cloud infrastructure can be expensive, and if the group does not have a clear
understanding of the costs involved, it can be difficult to control spending and stay within the
allocated budget.

A third challenge that a group might face is managing costs and optimizing performance
in the cloud. Cloud computing can provide significant benefits in terms of scalability and
flexibility, but it also introduces new challenges in terms of managing and controlling costs. The
group will need to carefully monitor usage and adjust the cloud infrastructure as needed to ensure
that it is cost-effective and delivers the desired performance.

To overcome these challenges, the group will need to ensure that team members have the
necessary knowledge and expertise to work on a cloud infrastructure project. The group will also
need to establish a clear plan and timeline for completing the project and should regularly monitor
progress and adjust the plan as needed. The group should also carefully manage the project budget
and should divide the work among team members in a way that maximizes efficiency and
minimizes duplication of effort.

4.0 Cloud Infrastructure

Lola's website traffic has grown considerably of late as its popularity has risen over time.
According to recent complaints the organization has received, the website is not as fast as it
was before. The organization has also faced some ransomware attacks recently; fortunately, it
dodged the bullet and was not affected. The organization's advisor has said that the organization
needs a new solution for hosting its website. It found one and now uses AWS for hosting, and AWS
can also provide it with a security solution.

4.1 Virtual Private Cloud (VPC)

Figure 6

Figure 7

To start off with AWS, we need to create a VPC before doing anything else; it is the first step
to creating your own hosting. A virtual private cloud (VPC) is a network that closely matches the
conventional network you would run in your own data center. Subnets can be added once a VPC has
been created. The figure above shows the VPC that we have created.

4.2 Subnets

Figure 8
Every device that I used has a unique number called an IP address, which comes in 2 pieces: the
client or host address and the server or network address (Controlling access with security groups,
2022). A subnet mask is a 32-bit number created by setting the host bits to all 0s and the network
bits to all 1s. In this case, the subnets are found inside a Virtual Private Cloud (VPC).
Depending on the type of subnet used, whether private or public, AWS can launch resources inside
that specific subnet. Every subnet needs to be contained within its own availability zone. The
difference between private and public subnets is that a private subnet does not allow any traffic
directly and functions within the VPC in collaboration with the public subnet, whereas a public
subnet is linked directly to the internet through the internet gateway. When a private subnet
needs to access the internet, it is required to use a NAT gateway (Subnet Mask Definition, 2022).
The figure above shows that the IPv4 CIDRs of all the subnets lie within the VPC IPv4 block.

4.3 Route Tables

Figure 9

The figure above shows the AWS route table. A route table is a table that holds a set of rules in
a clear, viewable format. These rules control where data is sent as it moves across the IP
network, through the subnets of the VPC, whether private or public. For example, when data
travels, it needs a path to follow, and the route table gives it one so that it can reach its end
point. Here we can see that 2 route tables have been created, in both of the availability zones.
There are 2 subnets in each of the availability zones: a private subnet and a public subnet.
Finally, this brings me to my next topic, the NAT gateway, which is explained below.

4.4 Internet gateway

Figure 10

An internet gateway is a network device that connects a private cloud network to the
internet. It acts as a bridge between the cloud environment and the internet, allowing traffic to flow
between the two networks.

An internet gateway uses route tables to determine the path that traffic should take between
the cloud and the internet. A route table is a collection of rules that specify how traffic should be
routed based on various criteria such as the source and destination of the traffic, the type of traffic,
and the network security rules.

When a device in the cloud sends traffic to the internet, the internet gateway uses the route
table to determine the next hop for the traffic. It then sends the traffic to the next hop, which could
be another network device such as a NAT gateway or a VPN gateway, or it could be a public
internet address. The traffic continues to be routed through the internet until it reaches its
destination.

Similarly, when traffic from the internet is received by the internet gateway, it uses the
route table to determine where the traffic should be sent in the cloud network. It then sends the
traffic to the appropriate destination in the cloud network.

4.5 NAT gateway

Figure 11

NAT (Network Address Translation) gateway is a network device that enables communication between
a private cloud network and the internet. It is commonly used in cloud environments where the
devices in the private network do not have public IP addresses.

The NAT gateway typically resides in a public subnet, which is a subnetwork of the cloud
network that has access to the internet. The NAT gateway has a public IP address, which is used
to communicate with the internet.

When a device in the private cloud network wants to access the internet, it sends the traffic
to the NAT gateway. The NAT gateway then translates the private IP address of the device into a
public IP address and sends the traffic to the internet using its own public IP address. This allows
the traffic to be routed through the internet to its destination.

When the response traffic from the internet is received by the NAT gateway, it translates
the public IP address back into the private IP address of the device in the cloud network and sends
the traffic to the device.
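
The subnet, route table, internet gateway and NAT gateway behaviour described in sections 4.2 to 4.5 can be checked mechanically. The following Python is an added example, not part of the original report: it validates a subnet plan against the VPC block and classifies each subnet as public or private from the default route in its route table. The CIDR blocks, subnet names, route table names and gateway IDs are constructed placeholders, since the report's real values appear only in its figures.

```python
import ipaddress

# Constructed sample plan (assumption): the report's real CIDRs are only in its figures.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {
    "public-a":  {"cidr": "10.0.0.0/24", "route_table": "rtb-public"},
    "private-a": {"cidr": "10.0.1.0/24", "route_table": "rtb-private"},
    "public-b":  {"cidr": "10.0.2.0/24", "route_table": "rtb-public"},
    "private-b": {"cidr": "10.0.3.0/24", "route_table": "rtb-private"},
}
# Each route is (destination CIDR, target). Gateway IDs are placeholders.
ROUTE_TABLES = {
    "rtb-public":  [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-example")],
    "rtb-private": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-example")],
}
NAT_GATEWAYS = {"nat-example": "public-a"}  # NAT gateway ID -> subnet hosting it
# Documentation address (TEST-NET-2) standing in for "a host on the internet".
INTERNET_PROBE = "198.51.100.10"


def plan_problems(vpc_cidr, subnets):
    """Return problems: subnets outside the VPC block or overlapping each other."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(s["cidr"]) for name, s in subnets.items()}
    problems = [f"{name} ({net}) is outside VPC block {vpc}"
                for name, net in sorted(nets.items()) if not net.subnet_of(vpc)]
    names = sorted(nets)
    for i, first in enumerate(names):
        for second in names[i + 1:]:
            if nets[first].overlaps(nets[second]):
                problems.append(f"{first} overlaps {second}")
    return problems


def next_hop(routes, destination):
    """Longest-prefix match: the most specific route containing the address wins."""
    dest = ipaddress.ip_address(destination)
    best_net, best_target = None, None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        if dest in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def classify_subnet(name, subnets, route_tables):
    """'public' if internet-bound traffic goes to an internet gateway,
    'private' if it goes to a NAT gateway, 'isolated' if there is no route."""
    routes = route_tables[subnets[name]["route_table"]]
    target = next_hop(routes, INTERNET_PROBE)
    if target is None:
        return "isolated"
    if target.startswith("igw-"):
        return "public"
    if target.startswith("nat-"):
        return "private"
    return "other"


def audit(subnets, route_tables, nat_gateways, must_be_private):
    """Return findings for NAT gateways placed outside a public subnet and
    for subnets that must be private (e.g. database subnets) but are public."""
    findings = []
    for nat_id, host in sorted(nat_gateways.items()):
        if classify_subnet(host, subnets, route_tables) != "public":
            findings.append(f"{nat_id} sits in {host}, which is not a public subnet")
    for name in sorted(must_be_private):
        if classify_subnet(name, subnets, route_tables) == "public":
            findings.append(f"{name} must be private but its default route "
                            "points to an internet gateway")
    return findings


if __name__ == "__main__":
    print(plan_problems(VPC_CIDR, SUBNETS))
    for subnet, spec in SUBNETS.items():
        mask = ipaddress.ip_network(spec["cidr"]).netmask  # network bits 1, host bits 0
        print(subnet, mask, classify_subnet(subnet, SUBNETS, ROUTE_TABLES))
    print(audit(SUBNETS, ROUTE_TABLES, NAT_GATEWAYS, {"private-a", "private-b"}))
```

The same functions can be fed the output of a real inventory; a subnet that holds the RDS instances should never come back as `public`.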

4.6 Elastic IP Address

Figure 12

An Elastic IP address is a static public IP address that is allocated to a customer's AWS account.
It can be remapped to any instance in the customer's account that is in the same region.

The Elastic IP address is useful in a cloud infrastructure because it allows a customer to mask
the failure of an instance by remapping the address to a different instance. For example, if an
instance with a public IP address fails or is terminated, the customer can remap the Elastic IP
address to a new instance to ensure that the IP address remains active and the services associated
with it are not disrupted.

An Elastic IP address also allows a customer to mask the movement of an instance from
one availability zone to another within the same region. This is useful in a cloud environment
because it enables the customer to perform maintenance or scale their services without affecting
the availability of their applications.

5.0 Final Outcome

Figure 13

The outcome of deploying a website using AWS will depend on the specific requirements and
goals of the project. However, in general, a successful deployment of a website on AWS can
provide several benefits, including high availability and reliability, scalability, security, and cost-
effectiveness. A well-designed AWS cloud structure can ensure that the website can handle
fluctuations in traffic and usage without any downtime or performance degradation. It can also
provide the necessary security controls and compliance requirements to protect the website and its
data. Additionally, AWS allows customers to pay for only the resources they use, which can help
to reduce the overall cost of the website. Overall, a successful deployment of a website on AWS
can enable customers to build and manage their website in a flexible and efficient manner.

Section B: Individual Work (Individual Report)

6.0 Security - (Anesh Krishna TP048927)

Figure 14

A security group in AWS acts as a virtual firewall for the EC2 instance, and we use it to control
the flow of incoming and outgoing traffic. The traffic that comes into your instance is controlled
by inbound rules, and the traffic that leaves your instance is controlled by outbound rules. This
project has 4 distinct security groups: Inventory-App, Example-DB, Bastion-SG and ALBSG. Each of
these is explained below.

6.1 Security Group

A security group in AWS acts like a virtual firewall for the EC2 instance, and we use it to
control the incoming and outgoing traffic flow. The traffic that comes into your instance is
controlled by inbound rules, and the traffic that leaves your instance is controlled by outbound
rules. This project has 4 distinct security groups: Inventory-App, Example-DB, Bastion-SG and
ALBSG. Each of these is explained below.

Figure 15

6.1.1 Inventory-App

Figure 16

“Inventory-App” is the security group for the main instance used in this project; thus, to keep
it safe from any outside threats, this group only accepts packets from certain places. In the
picture above, the port range is set to 80, the protocol is TCP, and the type is HTTP.

6.1.2 Example-DBSG

The “Example-DBSG” security group is used to ensure that the database of Maria Kondo is kept safe
and private from any outside threats or attacks. Doing this eliminates the problem Maria Kondo had
before with her old system/application. Here the port range used is 3306, the protocol is TCP, and
2 different databases are used, MySQL and Aurora.

6.1.3 Bastion-SG

“Bastion-SG” works as a firewall for the EC2 instance. It is set to accept PuTTY or SSH
connections from any IPv4 address to Bastion-SG. This security group exists so that any admin,
backend developer or other developer can establish a secure connection through it. Here the port
is 22, the protocol is TCP, the type is SSH, and the source is Anywhere-IPv4. The source is
0.0.0.0/0, which means it can be accessed from anywhere.

6.1.4 ALBSG

A load balancer serves as the single point of contact for clients. The load balancer splits
incoming application traffic among multiple targets, such as EC2 instances, in multiple
Availability Zones, which improves your application's availability. One or more listeners can be
added to your load balancer. ALBSG accepts packets on port 80 (HTTP) from anywhere (0.0.0.0/0) and
on port 443 (HTTPS) from anywhere (0.0.0.0/0).
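
The four inbound rule sets described in sections 6.1.1 to 6.1.4 can be reviewed with a short audit. This Python is an added example, not code from the original report: it walks rules shaped like the `IpPermissions` entries that EC2 `describe-security-groups` returns and reports every rule open to any address, other than web ports on the load balancer's group. Ports follow the report; the group IDs, the group-to-group sources for Inventory-App and Example-DBSG, and the admin CIDR in the restricted variant are assumptions.

```python
import ipaddress

WEB_PORTS = {80, 443}


def rule(port, cidrs=(), groups=()):
    """Build one inbound TCP permission for a single port."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}


# Constructed data. Ports are the ones the report lists; group IDs are
# placeholders, and the sources of Inventory-App and Example-DBSG (which the
# report does not state) are assumed to be the upstream security group.
GROUPS = [
    {"GroupName": "ALBSG", "GroupId": "sg-alb",
     "IpPermissions": [rule(80, ["0.0.0.0/0"]), rule(443, ["0.0.0.0/0"])]},
    {"GroupName": "Inventory-App", "GroupId": "sg-app",
     "IpPermissions": [rule(80, groups=["sg-alb"])]},
    {"GroupName": "Example-DBSG", "GroupId": "sg-db",
     "IpPermissions": [rule(3306, groups=["sg-app"])]},
    {"GroupName": "Bastion-SG", "GroupId": "sg-bastion",
     "IpPermissions": [rule(22, ["0.0.0.0/0"])]},
]


def is_anywhere(cidr):
    """True for 0.0.0.0/0 and ::/0, i.e. a prefix length of zero."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def rule_cidrs(perm):
    """All IPv4 and IPv6 source ranges of one permission entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def world_open_rules(groups, internet_facing):
    """Return (group, from_port, to_port, cidr) for every rule open to any
    address, except web ports on groups meant to face the internet."""
    findings = []
    for group in groups:
        for perm in group["IpPermissions"]:
            # Protocol "-1" (all traffic) carries no port fields: treat as all ports.
            low, high = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            for cidr in rule_cidrs(perm):
                if not is_anywhere(cidr):
                    continue
                expected = (group["GroupName"] in internet_facing
                            and low == high and low in WEB_PORTS)
                if not expected:
                    findings.append((group["GroupName"], low, high, cidr))
    return findings


def sources_for(groups, name, port):
    """Names of groups and CIDRs allowed to reach `port` on group `name`."""
    by_id = {g["GroupId"]: g["GroupName"] for g in groups}
    target = next(g for g in groups if g["GroupName"] == name)
    sources = set()
    for perm in target["IpPermissions"]:
        if perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535):
            sources.update(rule_cidrs(perm))
            sources.update(by_id.get(p["GroupId"], p["GroupId"])
                           for p in perm.get("UserIdGroupPairs", []))
    return sources


def restrict(groups, name, port, cidr):
    """Return a copy of `groups` where `name`'s rule for `port` only admits `cidr`."""
    result = []
    for group in groups:
        perms = group["IpPermissions"]
        if group["GroupName"] == name:
            perms = [rule(port, [cidr])
                     if p.get("FromPort") == port == p.get("ToPort") else p
                     for p in perms]
        result.append({**group, "IpPermissions": perms})
    return result


if __name__ == "__main__":
    print(world_open_rules(GROUPS, {"ALBSG"}))
    # 203.0.113.0/24 is a documentation range standing in for an admin network.
    hardened = restrict(GROUPS, "Bastion-SG", 22, "203.0.113.0/24")
    print(world_open_rules(hardened, {"ALBSG"}))
    print(sources_for(GROUPS, "Example-DBSG", 3306))
```

Run against the configuration the report describes, the only finding is Bastion-SG's SSH rule with source 0.0.0.0/0; narrowing that source to the administrators' address range clears it while leaving the load balancer's public web ports in place.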

7.0 Deployment – (Theebhan TP051052)

7.1 EC2
Amazon EC2 is a platform that gives users a cloud service providing secure storage and virtual
machines, so users do not need to pay an upfront hardware cost to host or store anything inside
Amazon's services. AWS EC2 provides the necessary hardware, software and security for customers to
have the solution they need to protect themselves against most internet threats.

7.2 SSH Command

I used the AWS Cloud9 IDE because PuTTY on my laptop cannot connect to logical port 80, and the
same goes for Apache; the reason is that I am running an active firewall system that uses port 80
under PID 4. I am also a networking student, and I have several port-forwarding addresses and my
physical port is semi-open. Hence the use of the Cloud9 IDE for development and the database
connection.

Figure 17

In the figure above we can see that a symlink has been created on the AWS instance as a shortcut
to the file (futurelearn, 2022). A symbolic link is a shortcut that points to a specific file or
file path to show Linux where to find the file.

7.3 Running website on an instance.

Amazon Machine Image (AMI)

Figure 18

The figure above shows the AMI of the website and its details. The AMI is the place where we
install the application or operating system. In this case we need software that helps us run our
website. Before we install any operating system we need to create the AMI; as you can see, the
Image summary shows the created AMI.

Figure 19

The figure above shows the instance of the AMI. An instance is a security group where it is
isolated from other availability zones, and it acts as a security measure for transmitting and
receiving data. The instance is a cloud server where you can install an operating system or
applications that run in the instance; it acts like a virtual machine in the AWS cloud. In the
figure above we can see the state showing that the instance is running, and the user can monitor
the transmission traffic.

Figure 20

In the figure above we can see that LAMP with MariaDB has been installed as the application stack
that runs the website, which will run MySQL, PHP and the other resources required to run a web
application (ubuntu, 2022).

7.4 RDS

Figure 21

The figure above shows the database that can be created in RDS after we have installed the
application for it. Basically, RDS lets the user import a database into the managed SQL service
provided by AWS (Lutkevich, 2021).

7.5 Parameter Store

Figure 22

Parameter Store is an AWS security feature that can store strings of data. It stores sensitive and
important data; in the case shown in the figure above, this is the database, endpoint, password,
and user data, which are too sensitive to be leaked, like personal information and multiple users'
passwords (AWS, AWS, 2022).

8.0 High Availability/Scalability (Lim Kan Zheng TP064960)

8.1 Web Application

A web application is a software application that is accessible over the internet using a web
browser. High availability and scalability are two important characteristics of a web application
that enable it to provide reliable and efficient service to users.

High availability refers to the ability of a web application to always remain available and
accessible to users, even in the face of hardware or software failures, network outages, or other
disruptions. A web application that has high availability can continue to operate and serve users
without any downtime or degradation of performance.

Scalability refers to the ability of a web application to handle increases in traffic and usage
without any disruption or loss of performance. A scalable web application can automatically add
or remove resources such as computing power, storage, and network bandwidth to meet the
changing demands of users.

Together, high availability and scalability are essential for a web application to provide a
reliable and efficient service to users. A web application that has high availability and scalability
can handle fluctuations in traffic and usage without any downtime or performance degradation,
ensuring that users can always access and use the application.

Figure 23 Website that successfully deployed.

The figure above shows a successful deployment of a website on a web server. In this scenario,
the web server has been set up and configured to serve the website to users. The website files and
data have been transferred to the web server, and the web server has been configured to handle
requests from users and serve the website to them. This website uses the DNS name
‘CapstoneProject-LB-426972011.us-east-1.elb.amazonaws.com’; people can access the website
using the DNS name instead of the IP address of the web server.

Figure 24

The ‘sudo yum install’ command is used to install packages on a Linux system that uses the yum
package manager. The ‘sudo’ command is used to run the yum install command with superuser
privileges, which are required to install packages on the system.

This command will instruct the yum package manager to download and install the mariadb-
server package from the package repository. The mariadb-server package contains the MariaDB
database server, which is a popular open-source database management system.

8.2 High Availability

8.2.1 Elastic Load Balancer

An Elastic Load Balancer (ELB) is a service provided by AWS that distributes incoming traffic
across multiple target instances in a public subnet. The ELB uses the HTTPS protocol on port 80
to route traffic securely and efficiently to the target instances.

In a public subnet, the ELB is assigned a public IP address that can be accessed by users over the
internet. When a user sends a request to the ELB using the HTTPS protocol on port 80, the ELB
receives the request and routes it to one of the target instances in the public subnet.

The target instances are typically web servers or other application servers that are running the web
application or service that the user is trying to access. The ELB uses a load balancing algorithm to
determine which target instance should receive the request based on factors such as the availability
and performance of the target instances.

Once the ELB has routed the request to a target instance, the target instance processes the request
and sends a response back to the user through the ELB. The ELB then routes the response back to
the user, completing the request-response cycle.

Overall, an Elastic Load Balancer is a service that distributes incoming traffic across multiple
target instances in a public subnet using the HTTPS protocol on port 80. It provides high
availability, scalability, and security for web applications and services, and ensures that users can
access and use the applications and services reliably and efficiently.
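An added check, not part of the original report: the Protocol field of each listener, rather than its port number, shows whether clients get TLS, so the listener described above can be verified from `aws elbv2 describe-listeners` output. BEFORE and AFTER are constructed samples of a plaintext-only setup and a corrected one.

```python
import json

# Constructed samples shaped like `aws elbv2 describe-listeners` output
# (ARNs and certificates omitted); not the project's real configuration.
BEFORE = json.loads("""
{"Listeners": [
  {"Port": 80, "Protocol": "HTTP", "DefaultActions": [{"Type": "forward"}]}
]}
""")
AFTER = json.loads("""
{"Listeners": [
  {"Port": 80, "Protocol": "HTTP", "DefaultActions": [
    {"Type": "redirect", "RedirectConfig":
      {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}]},
  {"Port": 443, "Protocol": "HTTPS", "DefaultActions": [{"Type": "forward"}]}
]}
""")


def classify(listener):
    """Say whether clients of this listener get an encrypted channel."""
    if listener["Protocol"] in ("HTTPS", "TLS"):
        return "encrypted"
    for action in listener.get("DefaultActions", []):
        target = action.get("RedirectConfig", {}).get("Protocol")
        if action.get("Type") == "redirect" and target == "HTTPS":
            return "redirects to HTTPS"
    return "plaintext"


def audit_listeners(described):
    """Return (port, protocol, verdict) for every listener."""
    return [(item["Port"], item["Protocol"], classify(item))
            for item in described["Listeners"]]


def serves_plaintext(described):
    """True if any listener forwards traffic without TLS."""
    return any(v == "plaintext" for _, _, v in audit_listeners(described))


if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_listeners(doc))
```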

Figure 25

8.2.2 Target Group

A target group is a collection of target instances that receive traffic from a load balancer. In AWS,
a target group is associated with a load balancer and specifies the port and protocol that the load
balancer uses to route traffic to the target instances. To configure a target group, you need to specify
the load balancer, the port, and the protocol that the load balancer will use to route traffic to the
target instances. Once you have specified these settings, you can launch an EC2 instance with a
specific DNS name and add it to the target group. The load balancer will then route traffic to the
instance based on the settings you have specified for the target group. This enables users to access
the instance using the DNS name and the specified protocol and port. Overall, configuring a target
group in AWS allows you to specify how the load balancer should distribute incoming traffic to
the target instances.

Figure 26

Deploying target group on AWS


To deploy a target group on AWS, follow these steps:
1. Open the Amazon Elastic Load Balancer (ELB) console.
2. In the navigation pane on the left, click on Target Groups.
3. Click on the Create Target Group button.
4. In the Create Target Group dialog, enter a name for your target group in the Name field.
5. Select the target type for your target group. For example, if you want to use the target group
with an Amazon EC2 instance, you will select the IP address type.
6. Enter the Protocol and Port settings for your target group. These settings determine how
the target group will receive traffic from the load balancer.
7. Click on the Create button to create the target group.

After creating the target group, you can add targets to it by selecting the target group and clicking
on the Register Targets button. Then, you can attach the target group to a load balancer by selecting
the load balancer and clicking on the Edit button. In the Edit Load Balancer dialog, you can select
the target group from the dropdown list under the Target Group section. Once the target group is
attached to the load balancer, it will start to receive traffic from the load balancer.

8.2.3 Auto Scaling Group

The use of an auto scaling group with a launch template or launch configuration provides several
benefits. First, it allows you to easily manage and scale the number of instances in your application.
By defining rules for scaling, you can ensure that your application always has the desired level of
capacity, and the auto scaling group will automatically add or remove instances as needed. This
can help to improve the availability and performance of your application.

By using a launch template or launch configuration, the properties of the instances are added to
the auto scaling group. For example, you can specify the AMI ID, instance type, and key pair to
use when creating new instances. This allows you to control the configuration of the instances and
ensure that they have the required software and settings.

In the example given, changing the AMI ID to a newer version can ensure that the instances in the
auto scaling group are using the latest version of the AMI. This can provide access to new features
and security updates. Changing the subnet to a public subnet IP can allow the instances to be
accessed over the internet, which may be required for some applications. And increasing the
capacity to 2 can ensure that there are always at least two instances available to handle incoming
traffic.

Figure 27

9.0 Data Migration (Tan Jia Sin TP042191)

9.1 RDS

Figure 28

The first thing we have to do for data migration is create a new subnet group called
“example-db-subnet”. Under Subnets in the figure above, we can see two private subnets with their
availability zones, 10.0.2.0/23 and 10.4.0/23; these two subnets are private because only the owner
should be able to see the database. RDS is the place where we create and import the database.

Figure 29

Figure 29 above shows the database that we have created. According to the figure, it uses the
MySQL engine. The VPC, example VPC, is already preconfigured for us. The subnet group it uses is
example-db-subnet, which we created in RDS. As we can see, there are two private subnets in the
database. The first one is the primary RDS and the second one is the replica RDS.

Figure 30

In the figure above we can see the security group of the database, Example DB; there are two
inbound rules and one scattered outbound rule, which is 0.0.0.0/0. The security group is
preconfigured by AWS.
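An added check, not part of the original report: who can actually reach the database port follows from the inbound rules, which can be read from `aws ec2 describe-security-groups` output. The group IDs and CIDRs below are constructed placeholders; the first group mirrors the layout described above (two inbound rules, one outbound rule to 0.0.0.0/0), and the second is a weak setting for contrast.

```python
import json

DB_PORT = 3306                      # MySQL/MariaDB default port
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and CIDRs are placeholders, not values from the project.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-example-db",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
      "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-example-web"}]},
     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
      "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "UserIdGroupPairs": []}],
   "IpPermissionsEgress": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-example-open",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}],
   "IpPermissionsEgress": []}
]}
""")


def covers(rule, port):
    """True if an inbound rule admits TCP traffic to the given port."""
    if rule.get("IpProtocol") == "-1":      # "-1" means all protocols and ports
        return True
    if rule.get("IpProtocol") != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def ingress_sources(group, port=DB_PORT):
    """List every CIDR or security group allowed to reach the port."""
    sources = []
    for rule in group.get("IpPermissions", []):
        if covers(rule, port):
            sources += [r["CidrIp"] for r in rule.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            sources += [r["GroupId"] for r in rule.get("UserIdGroupPairs", [])]
    return sources


def exposed_groups(described, port=DB_PORT):
    """Return IDs of groups whose inbound rules open the port to anyone."""
    return [g["GroupId"] for g in described["SecurityGroups"]
            if ANYWHERE & set(ingress_sources(g, port))]
```

The outbound 0.0.0.0/0 rule is not flagged, because only inbound rules decide who can connect to the database.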

Figure 31

The figure above shows the DB Identifier. The DB Identifier is basically for replication, which is
a backup.

Figure 32

The figure above shows CloudWatch, the monitoring tool that lets users see the status of the
server, in this case their own server activity. As we can see, the site is currently live.

Figure 33

In this figure we can see that the database is up and running: under the option groups, the
database is shown as in sync, which indicates that the database is live.

9.2 MYSQL

Figure 34

According to the figure above, we are using MariaDB, which is a Linux server based on the
Cloud9 IDE. In this step we need to import the database; as the figure shows, we have imported it
successfully, and it is selecting the two different tables, Tables_in_exampledb and
countrydata_final.

Figure 35

To import the database table, we need to install MariaDB on an Amazon Linux server. Based on the
figure above, the server that we have installed is a LAMP server with MariaDB that runs on the PHP
framework. The installation of the LAMP server is under the AMI layer.

Figure 36

The figure above shows the URL links that we need to enter on the server to import the database
into MariaDB. The key must be added because it is unique and identifies the owner; the three
endpoint keys are
“mysql -u admin -p --host example.cmbvbhb1xbc3.us-east-1.rds.amazonaws.com”,
“mysql -u admin -p exampledb --host example.cmbvbhb1xbc3.us-east-1.rds.amazonaws.com < Countrydatadump.sql”
and “example.cmbvbhb1xbc3.us-east-1.rds.amazonaws.com” respectively. The first URL logs in to the
console of the SQL server. The second URL is the key that imports the SQL dump. The third URL is
the endpoint of the database.

9.3 SSH Command

Figure 37

The SSH command is run from the console.

9.4 S3 Bucket

Figure 38

Figure 39

The Lola Social Research Group has a history of being attacked by ransomware and needs a secure
backup of its website; an S3 bucket can provide that solution. An S3 bucket is a safe storage
solution in which users can back up anything they want. A user can have up to 100 buckets per
account; once that quota is reached, the user can still request an increase by visiting the
Service Quotas console (Amazon, 2022). The figure above shows the S3 bucket; in this case the
Lola Social Research Group's current website content is uploaded into the S3 bucket as a fail-safe
backup. In the event of an attack, they can use the backups to bring their website back online.
The client just has to upload files as shown in the figure above.

Appendix

Work Breakdown Structure

Anesh Krishna (TP048927)    Lim Kan Zheng (TP064960)    Theebhan (TP051052)    Tan Jia Sin (TP042191)

Introduction ✔ ✔ ✔ ✔
Cloud Architecture solution ✔ ✔ ✔ ✔
Pricing Cost ✔ ✔ ✔ ✔
Cloud Environment ✔ ✔ ✔ ✔
Web Services Deployed ✔ ✔ ✔ ✔
Project Challenges ✔ ✔ ✔ ✔
Cloud Infrastructure ✔ ✔ ✔ ✔
Security ✔
Deployment ✔
High Availability/Scalability ✔
Data Migration ✔

References
Amazon. (2022). AWS. Retrieved from Buckets overview: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingBucket.html
Arun, R. (2022, Feb 11). What is AWS EC2 and Why It is Important? Retrieved from https://www.simplilearn.com/tutorials/aws-tutorial/aws-ec2
AWS. (2022, December 11). AWS. Retrieved from The Right Way to Store Secrets using Parameter Store: https://aws.amazon.com/blogs/mt/the-right-way-to-store-secrets-using-parameter-store/#:~:text=Parameter%20Store%20is%20an%20AWS,customer%2Dspecific%20AWS%20KMS%20key.
AWS. (2022). NAT gateways. Retrieved from NAT gateways: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
AWS. (2022). VPC with public and private subnets (NAT). Retrieved from VPC with public and private subnets (NAT): https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html
Controlling access with security groups. (2022). Retrieved from https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html
futurelearn. (2022, December). futurelearn. Retrieved from Symbolic Links and Their Use: https://www.futurelearn.com/info/courses/linux-for-bioinformatics/0/steps/201767#:~:text=A%20symlink%20is%20a%20symbolic,directory%20in%20any%20file%20system.
Lu, L. (2022). Capstone Final Project Documentation. Retrieved from https://rstudio-pubs-static.s3.amazonaws.com/216005_d7846e8a892640a6960bc5eafacb08f2.html
Lutkevich, B. (2021, September). Tech Target. Retrieved from Amazon RDS (Relational Database Service): https://www.techtarget.com/searchaws/definition/Amazon-Relational-Database-Service-RDS
PAGE, V. (2022, November 6). Investopedia. Retrieved from What Is Amazon Web Services and Why Is It So Successful?: https://www.investopedia.com/articles/investing/011316/what-amazon-web-services-and-why-it-so-successful.asp#:~:text=AWS%20provides%20servers%2C%20storage%2C%20networking,twice%20its%20next%20closest%20competitor.
Project, C. (2022). Retrieved from https://dts50.github.io/Data%20Scientist%20Nanodegree%20%20v5.0.0/Part%2009-Module%2001-Lesson%2006_[DSND%20Capstone]%20Cloud%20Deployment%20Instructions/Project%20Rubric%20-%20Capstone%20Project.html
Subnet Mask Definition. (2022). Retrieved from https://avinetworks.com/glossary/subnet-mask/
ubuntu. (2022). LAMP Applications. Retrieved from LAMP Applications: https://ubuntu.com/server/docs/lamp-applications#:~:text=LAMP%20installations%20(Linux%20%2B%20Apache%20%2B,Management%20Software%20such%20as%20phpMyAdmin.
