Practical Cloud Architecture Test – AWS VPC, Subnets, Routing & Secure S3 Storage Assessment 2
Learning Outcomes Assessed
LO2: Formulate business problems and recommend infrastructure solutions
LO3: Apply governance, compliance, and cloud management practices
LO5: Analyse security and risk management in the cloud context
Task Overview
You are required to design and implement a cloud-based network and storage solution using AWS Free Tier. Your solution must simulate a secure and scalable architecture for a hypothetical business deploying a small-scale web application.
Scenario
You’ve been hired by a startup to help design a basic web-hosting architecture that includes:
- A Virtual Private Cloud (VPC) with at least 2 subnets (public and private).
- Routing configuration for traffic between subnets and the internet.
- Secure S3 bucket setup for static file storage.
- Proper use of IAM policies or bucket policies to restrict access.
Required Deliverables (PDF Report)
You must submit a document including:
1. Architecture Overview (Diagram + Description)
High-level diagram of your VPC setup including:
- VPC CIDR block
- Public and private subnets
- Internet Gateway and routing tables
- S3 Bucket and access flow
- Use Google Drawing, Lucidchart, or draw.io and paste/export into the report.
2. Configuration Steps & Screenshots
Screenshots of your actual AWS setup for:
- VPC creation
- Subnet setup
- Internet Gateway
- Routing Table config
- S3 Bucket setup
- S3 Bucket Policy or IAM Role applied
- Each screenshot must contain either your full name or student ID in the AWS resource name or tag.
3. Security & Access Explanation
- How does your configuration restrict unauthorized access?
- How would you secure traffic between subnets and to/from S3?
4. Reflection
- What challenges did you face during this test?
- How would you improve or expand this solution for a larger deployment?
Structure & Format
- Cover Page (Student name, ID, Unit, Date, Academic Integrity declaration)
- Architecture Overview
- Implementation Steps with Screenshots
- Security & Access Section
- Reflection
- References (APA 7) – if any documentation or sources are used
Marking Rubric
Criteria | Weight | HD (85–100%) | D (75–84%) | C (65–74%) | P (50–64%) | F (0–49%) |
VPC Configuration | 20% | VPC, CIDR, subnets, routes, and gateway clearly configured with zero errors | Complete VPC setup with minor misconfigurations | VPC setup mostly correct, | Basic VPC attempt, minimal explanation | No or incorrect |
S3 Configuration | 20% | Secure, functional S3 bucket with appropriate policy and clear evidence | S3 bucket created with basic access configuration | Functional S3, but lacks proper security controls | S3 bucket created | S3 missing |
Architecture Diagram & Design | 20% | Clear, labelled, and accurate architecture with components and flows | Mostly clear diagram, slight layout or label issues | Diagram present, basic structure correct | Weak diagram, hard to interpret | No or incorrect diagram |
Security & Policy Implementation | 15% | Policies well-applied, access explained in detail | Mostly good explanation of security measures | General description of access and roles | Weak security focus, vague terms | No e |
Reflection & Understanding | 15% | Insightful reflection, clear understanding of cloud design principles | Reasonable reflection, discusses some issues | Basic summary with some understanding | Surface-level or vague | No reflection or unclear responses |
Presentation & Submission Quality | 10% | Well-formatted, clear writing, all screenshots ID-tagged, submitted on time | Good formatting, all key parts included | Acceptable submission with minor format issues | Disorganised or poorly structured | Missing sections, unreadable or no ID in screenshots |