Practical Cloud Architecture Test – AWS VPC, Subnets, Routing & Secure S3 Storage Assessment 2
Learning Outcomes Assessed
LO2: Formulate business problems and recommend infrastructure solutions
LO3: Apply governance, compliance, and cloud management practices
LO5: Analyse security and risk management in the cloud context
Task Overview
You are required to design and implement a cloud-based network and storage solution using AWS Free Tier. Your solution must simulate a secure and scalable architecture for a hypothetical business deploying a small-scale web application.
Scenario
You’ve been hired by a startup to help design a basic web-hosting architecture that includes:
- A Virtual Private Cloud (VPC) with at least 2 subnets (public and private).
- Routing configuration for traffic between subnets and the internet.
- Secure S3 bucket setup for static file storage.
- Proper use of IAM policies or bucket policies to restrict access.
Required Deliverables (PDF Report)
You must submit a document including:
1. Architecture Overview (Diagram + Description)
High-level diagram of your VPC setup including:
- VPC CIDR block
- Public and private subnets
- Internet Gateway and routing tables
- S3 Bucket and access flow
- Use Google Drawings, Lucidchart, or draw.io and paste/export the diagram into the report.
2. Configuration Steps & Screenshots
Screenshots of your actual AWS setup for:
- VPC creation
- Subnet setup
- Internet Gateway
- Routing Table config
- S3 Bucket setup
- S3 Bucket Policy or IAM Role applied
- Each screenshot must contain either your full name or student ID in the AWS resource name or tag.
3. Security & Access Explanation
- How does your configuration restrict unauthorized access?
- How would you secure traffic between subnets and to/from S3?
4. Reflection
- What challenges did you face during this test?
- How would you improve or expand this solution for a larger deployment?
Structure & Format
- Cover Page (Student name, ID, Unit, Date, Academic Integrity declaration)
- Architecture Overview
- Implementation Steps with Screenshots
- Security & Access Section
- Reflection
- References (APA 7) – if any documentation or sources are used
Marking Rubric
| Criteria | Weight | HD (85–100%) | D (75–84%) | C (65–74%) | P (50–64%) | F (0–49%) |
|---|---|---|---|---|---|---|
| VPC Configuration | 20% | VPC, CIDR, subnets, routes, and gateway clearly configured with zero errors | Complete VPC setup with minor misconfigurations | VPC setup mostly correct, | Basic VPC attempt, minimal explanation | No or incorrect |
| S3 Configuration | 20% | Secure, functional S3 bucket with appropriate policy and clear evidence | S3 bucket created with basic access configuration | Functional S3, but lacks proper security controls | S3 bucket created | S3 missing |
| Architecture Diagram & Design | 20% | Clear, labelled, and accurate architecture with components and flows | Mostly clear diagram, slight layout or label issues | Diagram present, basic structure correct | Weak diagram, hard to interpret | No or incorrect diagram |
| Security & Policy Implementation | 15% | Policies well-applied, access explained in detail | Mostly good explanation of security measures | General description of access and roles | Weak security focus, vague terms | No e |
| Reflection & Understanding | 15% | Insightful reflection, clear understanding of cloud design principles | Reasonable reflection, discusses some issues | Basic summary with some understanding | Surface-level or vague | No reflection or unclear responses |
| Presentation & Submission Quality | 10% | Well-formatted, clear writing, all screenshots ID-tagged, submitted on time | Good formatting, all key parts included | Acceptable submission with minor format issues | Disorganised or poorly structured | Missing sections, unreadable or no ID in screenshots |