Laboratory Record

AWS Cloud Practitioner

Slot : A24+E21+F22
Fall Semester 2025-2026

Name of the student: Krishnendra Pratap Singh

Registration number: 23BAI11365
 Index
Page
Exp. No. Name of the Experiment
Number
Launch an EC2 instance using the AWS
Management Console by Select appropriate
1. instance types, AMIs, and configurations.
Connect to the EC2 instance using SSH or
Remote Desktop.
Create an S3 bucket and Configure bucket
2. policies, versioning, and encryption. Upload and
download objects to/from the S3 bucket.
Create an AWS Lambda function using Python
3. or [Link], set up event triggers, and perform
testing to ensure proper execution.
4. Elastic Beanstalk
5. Environment creation in beanstalk
RESTful API using Amazon API Gateway using
6.
AWS LambdaExercise
Launch an RDS instance by Select a database
engine (e.g., MySQL, PostgreSQL, SQL Server)
7.
and Configure database settings, including
storage, security, and backups.
Create an Identity and Access Management
(IAM) in AWS, including creating users, groups,
8.
roles, and policies, and managing access
permissions to AWS resources.
Creating and managing AMIs and snapshots in
9.
AWS and Attach EBS on a running instance.
Create CloudWatch alarms to monitor metrics
10. EC2 instances, RDS database, and ELB load
balancers and set up dashboards to visualize
performance metrics.
Exp No: Launch an EC2 instance using the AWS Management Console
1 by Select appropriate instance types, AMIs, and configurations.
17/7/25 Connect to the EC2 instance using SSH or Remote Desktop.

Aim: Launch an EC2 instance using the AWS Management Console by

Select appropriate instance types, AMIs, and configurations.
Connect to the EC2 instance using SSH or Remote Desktop.

Objective:

 Understand EC2 and its configuration options.

 Launch an EC2 instance with appropriate AMI and instance type.
 Configure security groups and key pairs.
 Successfully connect to the instance using RDP.

Program Code:

1. Login to AWS Console.

2. Navigate to the EC2 Dashboard.

3. Select Region from the right top corner.

4. Click “Launch Instance”.

5. Enter a name of EC2 Instance.

6. Select an Amazon Machine Image (AMI) (e.g. Windows).

7. Select an Instance Type (e.g., [Link]).

8. Create and select a Key Pair for secure connection.

9. Configure Network Settings and allow ports.

10. Review configuration and click “Launch Instance”.

11. Wait for the instance status to show “Running”.

12. Select the Experiment1 checkbox and then connect it.

13. Goto RDP Client then download remote desktop file.

14. Click get password and upload Experiment1_Key and decrypt the
password.

15. Run downloaded remote desktop file and enter the decrypted password.

16. Connect to the instance.

Output:

Successfully running an EC2 instance.

Exp No: Create an S3 bucket and Configure bucket policies, versioning,

2 and encryption. Upload and download objects to/from the S3
 17/7/25 bucket.

Aim: Create an S3 bucket and Configure bucket policies, versioning,

and encryption. Upload and download objects to/from the S3 bucket.

Objective:

After completion of this lab student shall be able to:

- Create an S3 bucket using AWS Console.

- Configure bucket policies for access control.

- Enable versioning and encryption for data protection.

- Upload and download objects to/from the S3 bucket.

Procedure:

1. Create an S3 Bucket:

Go to AWS Console → S3 → Create Bucket.

Provide a unique bucket name and region.

2. Enable Versioning:

Go to “Properties” → “Bucket Versioning” → Enable.

3. Configure Bucket Policy.

4. Enable Encryption:

Under “Properties” → “Default encryption” → Choose SSE-S3 or SSE-KMS.

5. Upload Objects:

Go to the “Objects” tab → Upload → Select files from your computer.

6. Download Objects:

Select the uploaded file → Actions → Download.

 Exp No:
3 Create an AWS Lambda function using Python or [Link], set up
22/7/25 event triggers, and perform testing to ensure proper execution.

Aim: Create an AWS Lambda function using Python or [Link], set up

event triggers, and perform testing to ensure proper execution.

Procedure:

1. Create the Lambda Function:

 Access the AWS Lambda Console:

 Sign in to the AWS Management Console and open the Lambda console.
 Create Function:
 Click "Create function."
 Select "Author from scratch."AWS Documentation
 Enter a function name (e.g., MyFunction).
 Choose the runtime:AWS Documentation
 For Python, select Python 3.x.
 Set up permissions by selecting or creating an execution role.
 Click "Create function."

2. Add Function Code:

 In the function's code editor:

 For Python, edit lambda_function.py.
 Ensure the handler is set correctly:
 For Python, use lambda_function.lambda_handler.
 Click "Deploy" to save changes.

3. Configure an Event Trigger (e.g., API Gateway):

 In the Lambda function's page, under "Function overview," click "Add

trigger."
 Select "API Gateway."
 Choose "Create an API" and select "HTTP API."
 Set security to "Open."
 Click "Add."

4. Test the Function:

 Direct Invocation:
 In the Lambda console, click "Test."
 Configure a test event with sample input data.
 Invoke the function and review the output.
  Via API Gateway:
 Use the provided API endpoint to send HTTP requests (e.g., using a
browser or tools like cURL or Postman).
 Verify the function'sresponse.

Coding:

import json

def lambda_handler(event, context):

return {

"statusCode": 200,

"body": [Link]("Hello from Lambda!")

}
Exp No:
4 Elastic Beanstalk
22/7/25

Aim: Elastic Beanstalk

Procedure:
Exp No: 5 Environment creation in beanstalk

22/7/25
Aim: Environment creation
Procedure:
Exp No:
6 RESTful API using Amazon API Gateway using AWS
2/9/25 LambdaExercise

Aim: RESTful API using Amazon API Gateway using AWS

LambdaExercise

Aim: Create a RESTful API using Amazon API Gateway and AWS
Lambda that performs basic CRUD (Create, Read, Update, Delete)
operations on a user database.

Prerequisites:

 Basic understanding of RESTful APIs

 AWS account setup
 Familiarity with AWS Lambda and API Gateway
 Basic knowledge of Python (or [Link]) for Lambda functions

Objectives:

After completion of this lab student shall be able to:

 Explain RESTful APIs and their principles.

 Demonstrate the integration of AWS Lambda with API Gateway.
 Implement a simple RESTful API using Amazon API Gateway and AWS
Lambda.
 Understand the process of deploying and testing an API in AWS.

Underlying Concept / Theory:

A RESTful API (Representational State Transfer API) follows REST principles

and allows interaction between distributed systems using HTTP methods like
GET, POST, PUT, and DELETE.

Amazon API Gateway is a fully managed service that enables developers to

create, deploy, and manage secure APIs. It acts as a front door for
applications, handling authentication, request validation, and traffic
management.

AWS Lambda allows running code without provisioning servers. It supports

various

programming languages and integrates with API Gateway to execute

functions upon API requests.

Algorithm:

Create an AWS Lambda Function:

 Go to the AWS Lambda console.

 Create a new function.
 Choose "Author from scratch" and select Python or [Link] as the
runtime.
 Write a simple function that returns a JSON response.
 Deploy the function.

Create an API in Amazon API Gateway:

 Open the API Gateway console.

 Create a new REST API.
 Define a resource (e.g., /greet).
 Create a GET method and link it to the Lambda function.
 Deploy the API.

Test the API Endpoint:

 Copy the API endpoint URL.

 Send a GET request using a web browser or Postman.
 Observe the response.

Coding:

import json

def lambda_handler(event, context): return {

"statusCode": 200,

"body": [Link]({"message": "Hello, welcome to RESTful APIs with AWS

Lambda!"})
}}

Output:

After deploying and invoking the API, the expected response is:

"message": "Hello, welcome to RESTful APIs with AWS Lambda!"}

Conclusion:

In this experiment, we successfully created a RESTful API using Amazon API

Gateway and AWS Lambda. We implemented a serverless function that
handles HTTP requests and returns a JSON response. This demonstrates how
to build scalable and cost-efficient APIs using AWS services.
Exp No: Launch an RDS instance by Select a database engine (e.g., MySQL,
7 PostgreSQL, SQL Server) and Configure database settings, including
2/9/25 storage, security, and backups.

Aim: Launch an RDS instance by Select a database engine (e.g.,

MySQL, PostgreSQL, SQL Server) and Configure database settings,
including storage, security, and backups

Objectives:

To deploy and configure an Amazon RDS MySQL Multi-AZ instance, secure it

with a security group, define a DB subnet group, and connect it to a web
application for data persistence.

By the end of this exercise, you will be able to:

 Create an Amazon RDS MySQL instance with Multi-AZ deployment.

 Set up a Security Group to allow access from an EC2-based web
application.
 Create and configure a DB Subnet Group for high availability.
 Establish a connection between the RDS instance and a web
application.
 Understand how data replication works in Amazon RDS Multi-AZ.

Procedure:

Step 1: Create a Security Group for RDS

1. Open AWS Management Console → Search VPC → Select Security

Groups.
2. Click Create Security Group → Name: DB Security Group.
3. Add Inbound Rule:

 Type: MySQL/Aurora (3306).


 Source: Select Web Security Group.

4. Click Create Security Group.

Step 2: Create a DB Subnet Group

1. Open AWS RDS Console → Select Subnet Groups.

2. Click Create DB Subnet Group → Name: DB-Subnet-Group.

3. Choose Lab VPC and add subnets in us-east-1a and us-east-1b.

4. Select CIDR ranges: [Link]/24 and [Link]/24.

5. Click Create.

Step 3: Launch an RDS MySQL Instance

1. Open AWS RDS Console → Select Databases → Click Create database.

2. Choose MySQL as the engine, Multi-AZ for availability.

3. Configure:

 DB instance ID: lab-db.

 Username: main, Password: lab-password.
 DB instance class: [Link].
 Storage: 20 GB SSD.
 VPC: Lab VPC.
 Security Group: DB Security Group.

4. Disable encryption and automatic backups for faster setup.

5. Click Create Database and wait for the status to change to Available.

6. Copy the Endpoint (e.g., [Link]).

Step 4: Connect Web Application to RDS

1. Retrieve WebServer IP from AWS Details.

2. Open a browser → Enter WebServer IP → Click RDS.

3. Enter:

 Endpoint: (Paste the copied RDS endpoint).

 Database: lab.
 Username: main.
 Password: lab-password.

4. Click Submit → The Address Book will appear.

5. Test by adding, editing, and deleting contacts.

Output:

 Security Group created → Allows EC2 to connect to RDS.

 DB Subnet Group created → Ensures availability in multiple zones.
 Amazon RDS MySQL instance launched → Multi-AZ deployment
enabled.
 Web application successfully connected to RDS.
 Address Book displayed → Data stored and retrieved in real time.
 Exp No: 8|Create IAM users
5/8/25

Aim:
Create an Identity and Access Management (IAM) in AWS, including creating
users, groups, roles, and policies, and managing access permissions
to AWS resources.

Procedure:
1. In the search box to the right of Services, search for and choose IAM to open
the IAM console.

2. In the navigation pane on the left, choose Users. The following IAM Users
have been created for you:

• user-1

• user-2

• user-3

3. Choose the user-1 link, Notice that user-1 does not have any permissions.
Choose the Groups tab, user-1 also is not a member of any groups.

4. In the navigation pane on the left, choose User groups. The following groups
have already been created for you:

• EC2-Admin

• EC2-Support

• S3-Support

5. Choose the EC2-Support group link, This group has a Managed Policy
associated with it, called AmazonEC2ReadOnlyAccess. In the navigation pane on the
left, choose User

groups.

6. Choose the S3-Support group link and then choose the Permissions tab. The
S3-Support group has the AmazonS3ReadOnlyAccess policy attached.
7. Choose the EC2-Admin group link and then choose the Permissions tab.

This Group is slightly different from the other two. Instead of a Managed Policy, it
has an Inline Policy, which is a policy assigned to just one User or Group. Inline
Policies are typically used to apply permissions for one-off situations.

8. Add user-1 to the S3-Support Group

• In the left navigation pane, choose User groups.

• Choose the S3-Support group link.

• Choose the Users tab.

• In the Users tab, choose Add users.

• In the Add Users to S3-Support window, configure the following:

• Select user-1.

• At the bottom of the screen, choose Add users.

9. Add user-2 to the EC2-Support Group, Using similar steps to the ones above,
add

user-2 to the EC2-Support group.

10. Add user-3 to the EC2-Admin Group, Using similar steps to the ones above,
add user- 3 to the EC2-Admin group.

11. In the navigation pane on the left, choose Dashboard.

This link can be used to sign-in to the AWS Account you are currently using.

12. Paste the IAM users sign-in link into the address bar of your private browser
session and press Enter.

Next, you will sign-in as user-1, who has been hired as your Amazon S3 storage
support staff.

• IAM user name: user-1

• Password: Lab-Password1

Since your user is part of the S3-Support Group in IAM, they have permission to
view a list of Amazon S3 buckets and the contents.

In the left navigation pane, choose Instances.

You cannot see any instances. Instead, you see a message that states You are not
authorized to perform this operation. This is because this user has not been granted
any permissions to access Amazon EC2.

13. You will now sign-in as user-2, who has been hired as your Amazon EC2
support person.

• IAM user name: user-2

• Password: Lab-Password2

You are now able to see an Amazon EC2 instance because you have Read Only
permissions. However, you will not be able to make any changes to Amazon EC2
resources.

• Select the instance named LabHost. In the Stop Instance window, select Stop.

You will receive an error stating You are not authorized to perform this operation.
This demonstrates that the policy only allows you to view information, without
making changes.

14. You will now sign-in as user-2, who has been hired as your Amazon EC2
support person

• IAM user name: user-3

• Password: Lab-Password3

As an EC2 Administrator, you should now have permissions to Stop the Amazon EC2
instance.

• Select the instance named LabHost . In the Stop instance window, choose
Stop.

The instance will enter the stopping state and will shutdown.
Output:
Remarks:
• The IAM Policies were correctly assigned to groups, ensuring users have only the required
permissions.

• The principle of least privilege was successfully implemented, reducing security risks.

• The group-based access control simplifies user management, making it easier to modify
permissions when needed.