Network Security Assignment Writing | CSCI4145/5409: Network & Security

This is a network and security assignment from Canada, offered for ghostwriting.

This assignment will measure your understanding of some of the network and security
mechanisms of our cloud provider AWS. This assignment assures us that you have attended the
tutorials and learned about AWS VPC, RDS and Secrets Manager, or that you have found some
other way to learn these services.

• Learn the importance and role of Virtual Private Clouds in creating secure architectures
that maximize the principle of least privilege (i.e. if a server does not need to be publicly
reachable or have its traffic go across the Internet, then it should be behind some
protective measure)

• Learn how to implement a VPC on AWS

• Apply your learning by implementing one public-facing service inside the VPC that is
accessible to the public internet

• Apply your learning by implementing one private service inside the VPC that is not
accessible to the public internet and is used by the public-facing service

• Learn to apply AWS security practices by using Secrets Manager to store private
information

• More experience working with AWS libraries that allow you to perform AWS operations

• More experience building REST APIs, and working with arrays in JSON

By now you have all learned that cloud computing can be tricky and complicated. You have
learned that provisioning IT resources correctly is complicated, and a small mistake can lead to
hours of debugging and searching for answers. I highly recommend that you start this
assignment early, and that you follow my tutorial so that you understand how to properly
provision everything. The link at the end of this document points to the AWS tutorial that I
followed in our tutorial on March 7th in Collaborate Ultra. This architecture will be too complex
for me to debug with you individually if you make mistakes. Proceed carefully and
meticulously.

You will build a web application with any language or framework you like, deployed on an EC2
instance behind a Virtual Private Cloud (VPC).

Your application running on EC2 will be public-facing (accessible through the VPC’s gateway),
and listening to POST requests to /storestudents, and GET requests to /liststudents.

/storestudents will:

• Receive and parse a JSON body

• Connect to an AWS RDS database server running on a private subnet inside your VPC

• Insert one record into the students table in the database for each item in the students
array in the JSON body

• Return a 200 status code if everything works, or 400 and an error message if there is a
failure

/liststudents will:

• Connect to the AWS RDS database running on the private subnet inside your VPC

• Query the students table and return a list of all students to display in a browser. How
you display the student information is up to you, but it must be legible.
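The core logic of the two endpoints described above, as an added example that is not part of the original assignment: credentials are parsed from a Secrets Manager style secret instead of being hard-coded, the body is validated before any write, and rows are inserted with bound parameters in one transaction. The student field names, the secret's key names and all sample values are assumptions, and in-memory SQLite stands in for the private-subnet RDS instance so the block runs offline.

```python
import json
import sqlite3

# Constructed stand-in for the SecretString Secrets Manager would return
# (key names are an assumption; no real credentials appear here).
SECRET_STRING = '{"username": "app_user", "password": "example-only", "host": "db.internal"}'
# Assumed record layout; the page does not define the student fields.
FIELDS = ("first_name", "last_name", "banner")


def connect(secret_string):
    """Parse credentials from the secret, then open the database."""
    creds = json.loads(secret_string)
    missing = {"username", "password", "host"} - creds.keys()
    if missing:
        raise ValueError(f"secret is missing {sorted(missing)}")
    # A real deployment hands creds to the RDS engine's driver;
    # SQLite in memory stands in for that database here.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE students (first_name TEXT, last_name TEXT, banner TEXT)")
    return conn


def store_students(conn, raw_body):
    """Return (status, message) as /storestudents would: 200 or 400."""
    try:
        body = json.loads(raw_body)
    except (TypeError, ValueError):
        return 400, "body is not valid JSON"
    students = body.get("students") if isinstance(body, dict) else None
    if not isinstance(students, list):
        return 400, "'students' must be an array"
    rows = []
    for i, s in enumerate(students):
        if not isinstance(s, dict) or not all(isinstance(s.get(f), str) and s[f] for f in FIELDS):
            return 400, f"students[{i}] is missing a required string field"
        rows.append(tuple(s[f] for f in FIELDS))
    try:
        with conn:  # one transaction: every row is stored or none are
            conn.executemany("INSERT INTO students VALUES (?, ?, ?)", rows)  # bound parameters
    except sqlite3.Error as exc:
        return 400, f"database error: {exc}"
    return 200, f"stored {len(rows)} student(s)"


def list_students(conn):
    """Return all rows, as /liststudents would before rendering them."""
    return conn.execute("SELECT first_name, last_name, banner FROM students").fetchall()
```

Because every item is validated before the transaction opens, a batch with one bad item returns 400 without storing the good items that came before it.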

When you are finished the system will look and function like this: