Assignment 1 budget part 2 and 3

AWS

AWS is a cloud platform that provides on-demand cloud services through the AWS website. These services can be accessed at any time and from anywhere with just a computer and an internet connection.

AWS is a big provider in the cloud computing industry: it offers its services in 42 different availability zones, meaning that anyone can put their services in any of these 42 zones. Many big companies also use AWS for their cloud services (IaaS). A couple of these companies are MYOB and Naughty Dog, which use AWS to host components of their software and applications.

EC2 instances (Virtual Machines)

One of the services that AWS offers is EC2 instances, which act like virtual machines. An EC2 instance can be run in any of the 42 locations, so you can pick the closest one. For me this would be Sydney, Australia, as it will not have a lot of latency issues when I try to connect. (AWS, 2017)

EC2 Pricing

When using the EC2 service in AWS, pricing is based on the region and on the uptime of the instance per hour. For me the region would again be Sydney, Australia. The price is different for each region and for each type of system you choose: the more power the company wants to use, the more it is going to cost. (AWS, 2017)

EC2 pricing

 

As you can see from the above, there are many processing types, from t2.nano to m3.2xlarge. The m3.2xlarge is the most expensive at $1.249 per hour, so turn it off when you aren't using it, as it still bills you if it is on and not being used. (AWS, 2017)

So a business would probably go with a t2.small to a t2.large, as they are the cheapest to run and give you the same processing power as a normal system would; you just don't have to pay for the power it uses, as that is what the pricing is for. (AWS, 2017)

Load balancing

EC2 can also use another service, load balancing, which is a function of the EC2 services. It groups two EC2 instances and gives them an elastic IP address, which enables the instances to balance the load between each other; when one crashes, the other instance takes over its resources and traffic. (AWS, 2017)

Load balancing prices

Like EC2 pricing, load balancer pricing varies from region to region. I used the Sydney region, where the load balancer costs $0.028 per Elastic Load Balancer per hour and $0.008 per GB processed.

This is my opinion on load balancers: I think they would be good for online shopping and auction sites, since these types of websites usually have a lot of traffic, and it would be good for them to be able to balance the load across instances so that if one gets busy it can divert the traffic to the other instance. (AWS, 2017)

S3 storage

In AWS, S3 is the structured storage service. It lets you upload files to an S3 bucket so that you can use them for anything, at any time and anywhere in the world, by making the bucket and its contents publicly viewable so that others can see them. For example, you can host a website inside an S3 bucket.

S3 price

When it comes to S3 pricing, standard storage is cheaper when you use more storage than when you use a little: with the Sydney prices it is $0.25 for the first 50TB, then $0.24 per GB for the next 450TB, and $0.23 per GB over 500TB. (AWS, 2017)

Security

AWS is good when it comes to security for its customers and cloud services, as its focus is on keeping customers' information safe while keeping the AWS service safe and friendly to use. A couple of parts of the cloud service focus on security.

  • To access an EC2 instance, the user must have a key pair connected to the instance, as that is how you decrypt the password that is set for the instance; you don't just set the password yourself.
  • EC2 instances are also created through another service called VPC, which lets the user set custom rules for the system. For example, I could set it up so that I can only remote desktop into the instance by allowing only my IP address through.
  • A business can also set an instance to be in multiple availability zones, meaning that the business can be accessed around the world.

 

Azure

Azure is Microsoft's cloud service, one of the major infrastructure providers. Like AWS, it has about 40 regions where you can put your services, and services can be set up across multiple availability zones.

Virtual Machines

With Azure, they don't give the virtual machine a fancy name like AWS does; they just call them by their normal name, virtual machines.

Azure virtual machines offer a good range of operating systems, as they are open to open source software like Red Hat, Ubuntu and Chef, which is a community driven OS. You can also deploy databases, so for example I could deploy an Oracle database. (Microsoft, 2017)

Azure VM price power

As we can see from the image above, Azure has 5 different instances under basic pricing. In the basic package the CPU and memory are configured to best suit entry-level businesses. I am going to use Dinostore as an example, as this would best suit them: they are only selling in NZ and have only just started their business, so they won't have a lot of money to spend on the big types of instances.

Pricing for these services is pay by the hour the instance runs, so with an A2 instance type you get 2 cores, 3.5GiB of RAM and 60GB of storage for $0.167/hr, which is a fair price for a small business. (Microsoft, 2017)

Virtual Machine Scale Sets

Azure has a service called Virtual Machine Scale Sets, which is a load balancing service. Its main purpose is to automatically balance the load on the main VM by rapidly creating more VMs to take on some of the traffic until it is low enough to delete the extra VMs. It also links into other services like Azure Load Balancer, which does the same but also allows you to configure the NAT rules, so that if you are having trouble you can contact the troubleshooter to help you out. (Microsoft, 2017)

Virtual Machine Scale Sets (Prices)

This service is basically free to use, as you get one VIP to use for load balancing.

But Virtual Machine Scale Sets cost the same as the VMs, so it would be $0.167/hr for an A2 instance.

So far AWS seems to be the best bet for auto scaling in terms of cost, but overall this is the best bet so far, as we can use auto scaling for the free tier machines, but after using the free tier it will cost, so it is best to use Azure in terms of auto scaling. (Microsoft, 2017)

Blob Storage

There are many different storage types in Azure, ranging from normal storage to site recovery, so I am going to focus on the blob storage type.

Blob storage in Azure lets the customer scale unstructured data and change the amount of storage on the go. If one day you need another server you can raise the storage level, and you are not billed for a fixed amount of storage: it is billed by what you use, so if I use only 50GB I will only be billed for that amount, and if you don't use all the storage in one billing period you won't be billed for it.

Blob storage also lets the customer use multiple availability zones, as it provides redundancy. This is good for a small business: if they have trouble accessing it in one region like Sydney and they also have it in another region like the other Australian region, they can access it from that region; they will just need to change the region they access. (Microsoft, 2017)

Blob Storage Price

As said before, Blob storage is priced by what you use, so again you are paying for the amount of storage you use, ranging from 50TB to 500TB, but the price also depends on the type of storage, which ranges from LRS-COOL to RA-GRS-HOT. (Microsoft, 2017)

So, from what I can see, for Blob storage it is best to go with GRS-COOL, as it has a fixed price of $0.03 for each amount of storage and gives you an availability of 99%, but it has higher access and transaction costs. (Microsoft, 2017)

Azure storage prices

So, as said before, GRS-COOL is low in terms of storage prices, but the access and transaction prices are higher if you use this storage type: Put Blob costs $0.20 USD per 10000, other operations except delete are $0.01 USD, data retrieval is also $0.01 USD, data write is $0.005 per GB USD and geo-replication is $0.12 per GB USD. (Microsoft, 2017)

Azure storage prices 2

Security

  • Uses anti-virus software like McAfee, which works like a normal anti-virus on a normal computer.
  • Secures sensitive data so you don't have to worry about your data being stolen, as it monitors the data 24/7 and offers extra protection through industry-level protection such as Trend Micro.
  • Uses keys to improve the security of SQL and VMs, while also enabling you to change permissions and Active Directory in Azure.
  • Uses VPNs to keep network traffic safe.

Google Cloud

Compute Engine/Load balance

Compute Engine is Google Cloud's version of VMs, which apparently enables the VMs to scale quickly from a single instance to global scale. This would be good for a web store, as these get a lot of traffic and it will balance out according to the traffic.

It also allows SSDs to be physically attached to the VMs, meaning that a business can use their own SSDs, and they will be encrypted on Google's end. But I don't trust this function, as they will be able to see your data on the SSD; then again, it is more secure in terms of backing up the data.

When it comes to power for these machines, Google decided to use renewable energy to run the whole data centre, which results in consuming 50% less energy, meaning they are saving on power and also saving the earth at the same time. (Google, 2017)

Compute Engine Price

googlecloudprice

The image above shows the first standard machine types for Google Cloud VMs, which actually surprised me: I thought Google would have a low price for their standard machines, but it looks like they are actually more expensive than AWS and Azure combined. I reckon the n1-standard-16 would be the best fit for a business, as it would have enough storage to run, but even though it is 60GB the cores are really high at 16, which is probably why the price is $0.76/hr to run. For a small business this would be expensive even with 1 free instance, as they would want 2 just in case one goes down. (Google, 2017)

Storage

Google Cloud Storage offers redundancy and durability, both of which are good as they help the business a lot.

When it comes to redundancy, Google offers multi-regional storage, which also provides low latency, meaning that anyone can access it anytime and anywhere if you put the storage in multiple regions. It is also good because if you lose a file in one region you wouldn't actually lose it, as it is in another region. It also makes sure that the storage is available 99.95% of the time.

Then there is the durability side of Google Cloud Storage, which to me is good: the storage is 99.999999999% durable, meaning that when it stores the data it will be redundant and will do an automatic checksum to check the integrity of the storage.

Lastly, it offers scalability: if a business grows over time and needs more storage, its current storage on Google Cloud will scale to meet the company's new storage needs, and if the business needs less storage it can scale down again to meet the new needs.

Google Cloud storage price

Google Cloud storage pricing starts with free storage, which is supported through Google Cloud's free tier: you get 5GB of regional storage every month, 5,000 Class A operations, 50,000 Class B operations and 1GB of egress from North America.

But when you use up the free tier for the month before it renews, the storage service will start costing you. The following general prices apply to the business; since there is no Australian service, I assume the next best will be the US. (Google, 2017)

googlestorageprice

So a business that wants redundancy will go for Multi-Regional storage, as that enables the business to put its data in a second region, so that if one goes down it can go to the other region and still access its data. This will cost them $0.026 USD per GB per month, which is a decent price for redundancy. (Google, 2017)

googlestorageprice2

Security

  • Google Cloud supports IAM roles, which enable the root account to create users with certain roles; the roles only allow them to do certain things on the services and can restrict them from using certain services.
  • Uses key encryption throughout Google Cloud to secure data and instances, meaning that you need the key to access them. It also means that your data is safe, as the private key is needed to decrypt the password or data that is stored.
  • Google also has intrusion detection software enabled, meaning that any attacks that happen on Google and Google Cloud will be detected.

Case studies and their benefits from AWS

Geonet

Geonet started using AWS after the Christchurch Earthquake in 2010, as people started to rely on Geonet's app for notifications, so Geonet moved to AWS to host their app for smartphone and iPhone. Geonet then started using the auto scaling feature of AWS to meet the new demand from the number of users using the app.

Benefits

Geonet has really benefited from using AWS for their app. Before the Christchurch earthquake they only sent notifications to 700 people, which was only emergency services. This changed after the earthquake, when 150,000 people started using Geonet when an event happened. Since they started using AWS for the app they have benefited from auto scaling and Elastic Beanstalk, as these meet the new demand for the app, meaning more people can use it without notifications being delayed.

They have also benefited from Elastic Beanstalk, which is another auto scaling service but for data instances. They have benefited from this because beforehand their datacentre equipment couldn't handle the load, and ever since using the AWS service they have been able to meet the new demand, as they scale up and down when needed. (AWS, 2017)

Fairfax media

Fairfax Media has used an enormous range of AWS services, from EC2 to RDS, as these have been able to meet its needs. It is trying to step further into the digital age, as it has reached 40% of its customers daily through different devices and methods.

Benefits

Fairfax Media has had a lot of benefits since using AWS EC2, S3 and RDS. One of these is that it has been able to bring its products and prints out more quickly, meaning that it is able to push more material out on time; it doesn't have to manage the material if it gets too slow to get out, as AWS scales the downloads to meet the download traffic.

The next benefit relates to cost: since using AWS they have been able to save more, as previously they were using large-scale CapEx, which cost a lot to keep to scale. It was also expensive for them to keep the equipment running through the depreciation cycle. With AWS they don't have to worry about this, as AWS runs these cycles for them, meaning they only pay for the services they use, which is less than when they had to pay for the equipment to run it. (AWS, 2017)

Bibliography

AWS. (2017, June 3). Amazon EC2. Retrieved from Amazon Web Services: https://aws.amazon.com/ec2/?nc2=h_m1

AWS. (2017, June 3). Amazon EC2 Pricing. Retrieved from Amazon Web Services: https://aws.amazon.com/ec2/pricing/

AWS. (2017, June 3). Amazon S3 Pricing. Retrieved from Amazon Web Services: https://aws.amazon.com/s3/pricing/

AWS. (2017, June 2). AWS Case Study: Fairfax Media. Retrieved from Amazon Web Services: https://aws.amazon.com/solutions/case-studies/fairfax-media/

AWS. (2017, June 2). AWS Case Study: GeoNet. Retrieved from Amazon Web Services: https://aws.amazon.com/solutions/case-studies/geonet/

AWS. (2017, June 3). Classic Load Balancer Pricing. Retrieved from Amazon Web Services: https://aws.amazon.com/elasticloadbalancing/classicloadbalancer/pricing/

AWS. (2017, June 3). Elastic Load Balancing. Retrieved from Amazon Web Services: https://aws.amazon.com/elasticloadbalancing/?nc2=h_m1

Google. (2017, June 2). CLOUD IDENTITY & ACCESS MANAGEMENT. Retrieved from Google Cloud Platform: https://cloud.google.com/iam/

Google. (2017, June 2). COMPUTE ENGINE. Retrieved from Google Cloud Platform: https://cloud.google.com/compute/

Google. (2017, June 2). Google Cloud Storage Pricing. Retrieved from Google Cloud Platform: https://cloud.google.com/storage/pricing

Google. (2017, June 2). Google Compute Engine Pricing. Retrieved from Google Cloud Platform: https://cloud.google.com/compute/pricing

Microsoft. (2017, June 3). Azure Storage Pricing. Retrieved from Microsoft Azure: https://azure.microsoft.com/en-us/pricing/details/storage/blobs/

Microsoft. (2017, June 3). Storage. Retrieved from Microsoft Azure: https://azure.microsoft.com/en-us/services/storage/

Microsoft. (2017, June 2). Virtual Machine Scale Sets. Retrieved from Microsoft Azure: https://azure.microsoft.com/en-us/services/virtual-machine-scale-sets/

Microsoft. (2017, June 2). Virtual Machines. Retrieved from Microsoft Azure: https://azure.microsoft.com/en-us/services/virtual-machines/

Microsoft. (2017, June 2). Windows Virtual Machine Scale Sets Pricing. Retrieved from Microsoft Azure: https://azure.microsoft.com/en-us/pricing/details/virtual-machine-scale-sets/windows/

Microsoft. (2017, June 2). Windows Virtual Machines Pricing. Retrieved from Microsoft Azure: https://azure.microsoft.com/en-us/pricing/details/virtual-machines/windows/

 

Budget report week 14 (Last post)

Week 14 budget

This is my last budget report for the assignment. What we can see here is that for week 14 RDS was the highest in terms of cost, but for some reason it included June and it doesn't show any bills that have been taken from my account.

So this week I am again surprised that RDS is the top cost, for the second week in a row. This is probably because I have not created a lot of instances in the last 2 weeks. The overall cost was $1.22 USD.

Then there was EC2-other, which again I think isn't related to the instances and more to the elastic IP address, as it cost, but it has also just updated to owe me $0.05 USD, so I don't know what is happening; before this, it was at $0.83 USD for EC2-other.

Then there are the EC2 instances, which are currently sitting at only $0.16 USD. This is because this week I have mainly not touched anything to do with the EC2 instances; I have only been creating them with the stack and then deleting them.

Lastly, we have KMS (Key Management Service), which is currently sitting at about $0.10 USD but also -$0.05 for June. I don't know why this has happened, but other than that it is lower than normal, as usually it is at $0.21; it might be because it is a new month.

Week 14 budget 2

Then there is the forecast of this week's cost, which I think will be the bar, not the median, as from now until the end of the month I will only be working on little parts of the script I am using, so it will probably cost only $0.05 – $0.40 for this week. So I think it is going overboard with the median.

Budget report week 13

week 13 budget

This week is basically the same as last week, but with a different service being the most expensive, which was RDS.

RDS was the highest this week even though I didn't use it. For some reason it still charged me for it; this could be because the stacks that I was creating must have had something to do with RDS that I didn't know about. The total cost this week for RDS was $2.86, which is the highest it has ever been for this service since assignment 3.

Then there is EC2-other, which was the second highest this week at $1.83. This was definitely from my stack, as it creates an elastic IP, auto scaling and a load balancer, which has a t2.large attached to it.

Then there are the EC2 instances, which for once were the third lowest this week. This is because at this point I have finished actually using the EC2 instances and was able to delete the Dinostore stuff. The only reason I now use EC2 is to create the stack so that it can work. This week's bill for EC2 was $0.35 USD, which is the lowest I have ever had since starting the NET702 course.

Lastly, there is the Key Management Service, which as usual is at $0.23, which is the usual amount now for this service.

week 13 budget 2

So the forecast graph says it is apparently going to cost me $0.20 USD each day, but I doubt this, as lately I have been billed around $5, so it won't be this.

Cloudformation Assignment 4 Success

Today I have finally fixed the last error I had with my template, which was "IamInstanceProfile": "AD-DS-Scenario-3-RDGWStack-J8EJ15FIION7-RDGWHostProfile-GQ7YTFXO0QMM". It was only a single line that I had to take out of the AD-DS-Scenario-3-RDGWStack-J8EJ15FIION7-RDGWHostProfile-GQ7YTFXO0QMM resource; after that it finished with no errors and nothing else happened.

So because of this I now have my own CloudFormation template that creates a Windows ADDS template without any references.

Assignment 4 net template 13

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "vpc9075e6f4": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "10.0.0.0/16",
        "InstanceTenancy": "default",
        "EnableDnsSupport": "true",
        "EnableDnsHostnames": "true",
        "Tags": [
          {"Key": "Name", "Value": "Scotts-ADDS"},
          {"Key": "Text", "Value": "ADDS-VPC-IP-Address"}
        ]
      }
    },
    "subnet121b4576": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "CidrBlock": "10.0.0.0/19",
        "AvailabilityZone": "ap-southeast-2a",
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Name", "Value": "Private subnet 1A"},
          {"Key": "Network", "Value": "Private"}
        ]
      }
    },
    "subnet66e0773f": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "CidrBlock": "10.0.144.0/20",
        "AvailabilityZone": "ap-southeast-2c",
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Network", "Value": "Public"},
          {"Key": "Name", "Value": "Public subnet 2A"}
        ]
      }
    },
    "subnet19e07740": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "CidrBlock": "10.0.32.0/19",
        "AvailabilityZone": "ap-southeast-2c",
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Network", "Value": "Private"},
          {"Key": "Name", "Value": "Private subnet 2A"}
        ]
      }
    },
    "subnet111b4575": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "CidrBlock": "10.0.128.0/20",
        "AvailabilityZone": "ap-southeast-2a",
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Name", "Value": "Public subnet 1A"},
          {"Key": "Network", "Value": "Public"}
        ]
      }
    },
    "igwd16371b4": {
      "Type": "AWS::EC2::InternetGateway",
      "Properties": {
        "Tags": [
          {"Key": "Network", "Value": "Public"}
        ]
      }
    },
    "dopt6b3fe70f": {
      "Type": "AWS::EC2::DHCPOptions",
      "Properties": {
        "Tags": [
          {"Key": "Domain", "Value": "example.com"}
        ],
        "DomainName": "example.com",
        "DomainNameServers": [
          "10.0.5.173",
          "10.0.43.239"
        ]
      }
    },
    "acl89d889ed": {
      "Type": "AWS::EC2::NetworkAcl",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"}
      }
    },
    "rtb9386a2f7": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"}
      }
    },
    "rtbf685a192": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Network", "Value": "Public"},
          {"Key": "Name", "Value": "Public Subnets"}
        ]
      }
    },
    "rtb0d87a369": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Name", "Value": "Private subnet 2A"},
          {"Key": "Network", "Value": "Private"}
        ]
      }
    },
    "rtbe080a484": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "Name", "Value": "Private subnet 1A"},
          {"Key": "Network", "Value": "Private"}
        ]
      }
    },
    "eip54153222186": {
      "Type": "AWS::EC2::EIP",
      "DependsOn": [
        "gw1"
      ],
      "Properties": {
        "Domain": "vpc"
      }
    },
    "asgADDSScenario3RDGWStackJ8EJ15FIION7RDGWAutoScalingGroup10NG4N1ZTXI5U": {
      "Type": "AWS::AutoScaling::AutoScalingGroup",
      "Properties": {
        "AvailabilityZones": [
          "ap-southeast-2a",
          "ap-southeast-2c"
        ],
        "Cooldown": "300",
        "DesiredCapacity": "1",
        "HealthCheckGracePeriod": "0",
        "HealthCheckType": "EC2",
        "MaxSize": "1",
        "MinSize": "1",
        "VPCZoneIdentifier": [
          {"Ref": "subnet66e0773f"},
          {"Ref": "subnet111b4575"}
        ],
        "LaunchConfigurationName": {
          "Ref": "lcADDSScenario3RDGWStackJ8EJ15FIION7RDGWLaunchConfigurationV5IIVLSV0EER"
        },
        "Tags": [
          {"Key": "Name", "Value": "RDGW", "PropagateAtLaunch": true},
          {"PropagateAtLaunch": true}
        ],
        "TerminationPolicies": [
          "Default"
        ]
      }
    },
    "lcADDSScenario3RDGWStackJ8EJ15FIION7RDGWLaunchConfigurationV5IIVLSV0EER": {
      "Type": "AWS::AutoScaling::LaunchConfiguration",
      "Properties": {
        "ImageId": "ami-72525a11",
        "InstanceType": "t2.micro",
        "KeyName": "DinoStore",
        "InstanceMonitoring": "true",
        "SecurityGroups": [
          {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
          {"Ref": "sgADDSScenario3RDGWStackJ8EJ15FIION7RemoteDesktopGatewaySGEZJMI4FF21DD"}
        ],
        "BlockDeviceMappings": [
          {
            "DeviceName": "/dev/sda1",
            "Ebs": {
              "VolumeSize": 50
            }
          }
        ]
      }
    },
    "s3cftemplates44semihxy3kmapsoutheast2": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "AccessControl": "Private",
        "VersioningConfiguration": {
          "Status": "Suspended"
        }
      }
    },
    "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Domain Members",
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "test", "Value": "test"}
        ]
      }
    },
    "sgADDSScenario3RDGWStackJ8EJ15FIION7RemoteDesktopGatewaySGEZJMI4FF21DD": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Enable RDP access from the Internet",
        "VpcId": {"Ref": "vpc9075e6f4"},
        "Tags": [
          {"Key": "test", "Value": "test"}
        ]
      }
    },
    "acl1": {
      "Type": "AWS::EC2::NetworkAclEntry",
      "Properties": {
        "CidrBlock": "0.0.0.0/0",
        "Egress": "true",
        "Protocol": "-1",
        "RuleAction": "allow",
        "RuleNumber": "100",
        "NetworkAclId": {"Ref": "acl89d889ed"}
      }
    },
    "acl2": {
      "Type": "AWS::EC2::NetworkAclEntry",
      "Properties": {
        "CidrBlock": "0.0.0.0/0",
        "Protocol": "-1",
        "RuleAction": "allow",
        "RuleNumber": "100",
        "NetworkAclId": {"Ref": "acl89d889ed"}
      }
    },
    "subnetacl1": {
      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
      "Properties": {
        "NetworkAclId": {"Ref": "acl89d889ed"},
        "SubnetId": {"Ref": "subnet66e0773f"}
      }
    },
    "subnetacl2": {
      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
      "Properties": {
        "NetworkAclId": {"Ref": "acl89d889ed"},
        "SubnetId": {"Ref": "subnet121b4576"}
      }
    },
    "subnetacl3": {
      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
      "Properties": {
        "NetworkAclId": {"Ref": "acl89d889ed"},
        "SubnetId": {"Ref": "subnet111b4575"}
      }
    },
    "subnetacl4": {
      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
      "Properties": {
        "NetworkAclId": {"Ref": "acl89d889ed"},
        "SubnetId": {"Ref": "subnet19e07740"}
      }
    },
    "gw1": {
      "Type": "AWS::EC2::VPCGatewayAttachment",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"},
        "InternetGatewayId": {"Ref": "igwd16371b4"}
      }
    },
    "subnetroute2": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "RouteTableId": {"Ref": "rtb0d87a369"},
        "SubnetId": {"Ref": "subnet19e07740"}
      }
    },
    "subnetroute3": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "RouteTableId": {"Ref": "rtbe080a484"},
        "SubnetId": {"Ref": "subnet121b4576"}
      }
    },
    "route1": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.128.0.0/12",
        "RouteTableId": {"Ref": "rtbf685a192"},
        "GatewayId": {"Ref": "igwd16371b4"}
      },
      "DependsOn": "gw1"
    },
    "route2": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.128.0.0/13",
        "RouteTableId": {"Ref": "rtbe080a484"},
        "GatewayId": {"Ref": "igwd16371b4"}
      },
      "DependsOn": "gw1"
    },
    "route3": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.128.0.0/14",
        "RouteTableId": {"Ref": "rtbe080a484"},
        "GatewayId": {"Ref": "igwd16371b4"}
      },
      "DependsOn": "gw1"
    },
    "dchpassoc1": {
      "Type": "AWS::EC2::VPCDHCPOptionsAssociation",
      "Properties": {
        "VpcId": {"Ref": "vpc9075e6f4"},
        "DhcpOptionsId": {"Ref": "dopt6b3fe70f"}
      }
    },
    "ingress1": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "udp",
        "FromPort": "49152",
        "ToPort": "65535",
        "CidrIp": "10.0.32.0/19"
      }
    },
    "ingress2": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "udp",
        "FromPort": "49152",
        "ToPort": "65535",
        "CidrIp": "10.0.0.0/19"
      }
    },
    "ingress3": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "49152",
        "ToPort": "65535",
        "CidrIp": "10.0.0.0/19"
      }
    },
    "ingress4": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "49152",
        "ToPort": "65535",
        "CidrIp": "10.0.32.0/19"
      }
    },
    "ingress5": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "udp",
        "FromPort": "53",
        "ToPort": "53",
        "CidrIp": "10.0.0.0/19"
      }
    },
    "ingress6": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "udp",
        "FromPort": "53",
        "ToPort": "53",
        "CidrIp": "10.0.32.0/19"
      }
    },
    "ingress7": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "53",
        "ToPort": "53",
        "CidrIp": "10.0.0.0/19"
      }
    },
    "ingress8": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "53",
        "ToPort": "53",
        "CidrIp": "10.0.32.0/19"
      }
    },
    "ingress9": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "3389",
        "ToPort": "3389",
        "CidrIp": "10.0.144.0/20"
      }
    },
    "ingress10": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "3389",
        "ToPort": "3389",
        "CidrIp": "10.0.128.0/20"
      }
    },
    "ingress11": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "5985",
        "ToPort": "5985",
        "CidrIp": "10.0.32.0/19"
      }
    },
    "ingress12": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "tcp",
        "FromPort": "5985",
        "ToPort": "5985",
        "CidrIp": "10.0.0.0/19"
      }
    },
    "ingress13": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3RDGWStackJ8EJ15FIION7RemoteDesktopGatewaySGEZJMI4FF21DD"},
        "IpProtocol": "tcp",
        "FromPort": "3389",
        "ToPort": "3389",
        "CidrIp": "10.0.0.0/16"
      }
    },
    "ingress14": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3RDGWStackJ8EJ15FIION7RemoteDesktopGatewaySGEZJMI4FF21DD"},
        "IpProtocol": "icmp",
        "FromPort": "-1",
        "ToPort": "-1",
        "CidrIp": "10.0.0.0/16"
      }
    },
    "egress1": {
      "Type": "AWS::EC2::SecurityGroupEgress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3ADStack1O583ZAM2TJE9DomainMemberSG1G28PCRLVT770"},
        "IpProtocol": "-1",
        "CidrIp": "0.0.0.0/0"
      }
    },
    "egress2": {
      "Type": "AWS::EC2::SecurityGroupEgress",
      "Properties": {
        "GroupId": {"Ref": "sgADDSScenario3RDGWStackJ8EJ15FIION7RemoteDesktopGatewaySGEZJMI4FF21DD"},
        "IpProtocol": "-1",
        "CidrIp": "0.0.0.0/0"
      }
    }
  },
  "Description": "Scott's Cloudformer template"
}

Assignment 4 post 5

Today I made a lot of progress on the assignment, as I fixed the error I had with the destination CIDR block, which was a totally different error:

cannot create a more specific route for 10.0.0.0/16 than local route 10.0.0.0/16 in route table rtb-89092fed

I just had to change the destination CIDRs to a different CIDR block, with all different IP addresses, so they don't conflict with each other or with the local route address. The local address was 10.0.0.0/16, so that's why it wasn't letting me use the CIDR address.

The code below is what I have now for the routes, but now I have come to another error, which is Invalid IamInstanceProfile: AD-DS-Scenario-3-RDGWStack-J8EJ15FIION7-RDGWHostProfile-GQ7YTFXO0QMM.

I am going to fix that tomorrow.

    "route1": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.0.0.0/12",
        "RouteTableId": {
          "Ref": "rtbf685a192"
        },
        "GatewayId": {
          "Ref": "igwd16371b4"
        }
      },
      "DependsOn": "gw1"
    },
    "route2": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "15.0.0.0/12",
        "RouteTableId": {
          "Ref": "rtbe080a484"
        },
        "GatewayId": {
          "Ref": "igwd16371b4"
        }
      },
      "DependsOn": "gw1"
    },
    "route3": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "12.0.0.0/12",
        "RouteTableId": {
          "Ref": "rtbe080a484"
        },

Assignment 4 post 4

Today I fixed the first error I had with the routes, which was the gateway. This was the fix.

The text I have changed to red is what I had to add. Route 1 had this part in it when I created it in CloudFormer, so that was why I had the error: it didn't have the reference to the gateway ID and the DependsOn, so I put that into the other route.

But now the new error is about the CIDR, saying that it doesn't exist.

    "route1": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.0.144.0/20",
        "RouteTableId": {
          "Ref": "rtbf685a192"
        },
        "GatewayId": {
          "Ref": "igwd16371b4"
        }
      },
      "DependsOn": "gw1"
    },
    "route2": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.0.0.0/19",
        "RouteTableId": {
          "Ref": "rtbe080a484"
        },
        "GatewayId": {
          "Ref": "igwd16371b4"
        }
      },
      "DependsOn": "gw1"
    },
    "route3": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "10.0.0.0/24",
        "RouteTableId": {
          "Ref": "rtbe080a484"
        },
        "GatewayId": {
          "Ref": "igwd16371b4"
        }
      },
      "DependsOn": "gw1"
    },


Assignment 4 post 3

Today I continued fixing my template, and with a little luck I noticed that there was another error causing the problem I was having with the route tables: the gateway address it depended on was missing from routes 2 to 5, the ones with the error messages. But this was just before I gave up for the night, as I was stressing out a lot about these errors.

The thing I was doing to try to fix this error was changing the destination CIDR block to the same CIDR but different IP ranges, for example 10.0.32.0/19 for one and 10.0.0.0/19 on the other, but it kept saying that the CIDR wasn't correct or that the CIDR wasn't the same as the local route destination.

This was the error: Exactly one of DestinationCidrBlock and DestinationIpv6CidrBlock must be specified and not empty. So it wasn't letting me have it empty or not the same, probably empty.
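The route errors quoted in these posts (the conflict with the local route, the missing destination, and the missing gateway dependency) can be caught before a stack is launched. The following is an added example, not code from the original posts: the sample resources are constructed, and treating any destination inside the VPC range as a conflict with the local route is an assumption modelled on the quoted error for 10.0.0.0/16.

```python
import ipaddress

VPC_CIDR = "10.0.0.0/16"  # local route, taken from the error message in the post
IGW = {"Ref": "igwd16371b4"}
# Constructed sample resources, shaped like the routes shown in the posts.
SAMPLE = {
    "route1": {"Type": "AWS::EC2::Route", "DependsOn": "gw1", "Properties": {
        "DestinationCidrBlock": "10.0.144.0/20", "GatewayId": IGW}},
    "route2": {"Type": "AWS::EC2::Route", "Properties": {
        "DestinationCidrBlock": "10.0.0.0/12", "GatewayId": IGW}},
    "route3": {"Type": "AWS::EC2::Route", "DependsOn": "gw1", "Properties": {
        "GatewayId": IGW}},
    "route4": {"Type": "AWS::EC2::Route", "DependsOn": "gw1", "Properties": {
        "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": IGW}},
}

def lint_routes(resources, vpc_cidr):
    """Return {logical_id: [problems]} for AWS::EC2::Route resources."""
    local = ipaddress.ip_network(vpc_cidr)
    findings = {}
    for name, res in resources.items():
        if res.get("Type") != "AWS::EC2::Route":
            continue
        props, problems = res.get("Properties", {}), []
        dests = [props[k] for k in ("DestinationCidrBlock",
                                    "DestinationIpv6CidrBlock") if props.get(k)]
        if len(dests) != 1:
            problems.append("needs exactly one non-empty destination CIDR")
        else:
            try:
                net = ipaddress.ip_network(dests[0])  # strict: host bits must be 0
            except ValueError:
                problems.append("destination is not a valid network address")
            else:
                if net.version == local.version and net.subnet_of(local):
                    problems.append("same as or more specific than local route")
        # Assumption: the gateway attachment is declared in the same template,
        # so a route through the gateway must wait for it via DependsOn.
        if "GatewayId" in props and "DependsOn" not in res:
            problems.append("GatewayId without DependsOn on the attachment")
        if problems:
            findings[name] = problems
    return findings

if __name__ == "__main__":
    for name, problems in lint_routes(SAMPLE, VPC_CIDR).items():
        print(name, "->", "; ".join(problems))
```

To check a real template, load it with `json.load` and pass its `Resources` object together with the VPC's CIDR block.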

Assignment 4 net template 14

Budget report week 12

This week I kind of had another big bill, which was caused by EC2, as the stack was creating auto-scaling, load balancing, and a non-free instance, a t2.large, which is not covered by the free tier.

week 12 budget report w

From the graph above we can see that EC2-Instances is the highest again, costing $4.62 USD. This is not a lot in the long run, but I am nearly halfway through the credits. Then there is RDS, which was $2.86 USD. Then it was EC2 other at $2.13, which I don't include in EC2 instances as it includes elastic IP and auto balance. Lastly, it was the key management service, which was the usual amount of $0.23 USD.

week 12 budget report3

Then there is the forecast for next week. When I hovered over the bars, they all estimated that it is going to cost $0.65 USD for each day. But I have kind of been bad at reading the forecasting graph, as I can't really understand the 80% and 95% confidence.

cloudwatch

Also, I wanted to show the history of the CloudWatch alarms, just to show that there have been no alarms triggered, which means that I haven't got any emails yet.

 

Cloudformation assignment post 2

Today I tried to fix the route table errors, but I didn't end up getting it fixed, as with everything I tried it still kept erroring out with the same code. So I ended up just having a rest and then tried different approaches, like changing the CIDR, but it still did the same thing. That was when I decided to call it a day, as my mind was getting stressed out from mainly focusing on this.

Assignment 4 net template 8

Assignment 4 net template 9.PNG

Week 11 budget report

Week 11 budget report

This week we started on our assignment, so I knew the bill was going to be around average, as when I start an assignment it is usually like that.

First off was the EC2 service, which is the blue and green bars, but I consider them different as they are for different parts of EC2. The blue, which is under other, is at $0.95 USD, which is the highest for this week, as it is using elastic IP for the stacks. Then there is the EC2 instance, which is the green bar, which was $0.91, so basically around the same as the EC2 others. This is because the instance that the stack creates is not covered by the free tier.

Then the last one is the key management service, the orange bar, which is at $0.23. What I noticed is that this service is always this amount each week if you don't use the keys, so I kind of expect that it will be the same next week.

Also, I have not had any alerts from the alerts I set up, which is kind of strange, as I thought I would have got at least one by halfway through this course.