Overview
Once upon a time, Emperor Akbar organized a party in his palace. He invited all the cabinet members and subjects to the party. Everything was going well on the day of the party but suddenly a fight broke out between his cabinet members and the subjects at the entry gate.
When Emperor Akbar came to know about this, he immediately called Birbal (You) and asked you to investigate deeply and find a solution.
On further investigation, Birbal (You) found that the members of the cabinet and the subjects were entering through the same gate, and there was a sudden stampede at the entrance of the palace.
To solve this problem, Birbal (You) decided to use different entrances for cabinet members and subjects.
The emperor was very happy with this solution and ordered you to work on the solution immediately.
Challenge Progress
Task Status Possible Points Clue Deduction Points Total Earned
Completed! 20 0 20
Completed! 20 0 20
Completed! 20 0 20
Completed! 20 0 20
Total Points Earned: 80
Task 1: Create New Guard (Security Group) for the Entry Gate (ENI)
Possible Points: 20 Clue Penalty: 0 Points Earned: 20
Enter answer here
Completed!
Background
In this task, you are going to create new Guard (Security Group) for the New Entry Gate (ENI) of Palace.
Your Task
Create new Security Group in Kingdom VPC and it should allow TCP port 80 for all IPv4 addresses.
Inventory
EC2 - Security Group
Services you should use
EC2 - Security Group
Task Validation
After creating the new Security Group, enter the newly created Security Group’s ID in the above Input field to validate the task.
Task 2: Create New Entry Gate (ENI) for the Palace (EC2) and Assign the Guard (Security Group)
Possible Points: 20 Clue Penalty: 0 Points Earned: 20
Enter answer here
Completed!
Background
In this task, you are going to create new Entry Gate (ENI) in private subnet and assign the newly created Guard (Security Group) to the Entry Gate (ENI).
Your Task
Create a Network Interface in Kingdom VPC for Subnet “Palace Area (Private Subnet)” and attach newly create security group to this ENI.
Inventory
EC2 - Network Interfaces
Services you should use
EC2 - Network Interfaces
Task Validation
After creating the new ENI, enter the newly created ENI’s ID in the above Input field to validate the task.
Task 3: Attach the Newly Created Entry Gate (ENI) to the Palace (EC2)
Possible Points: 20 Clue Penalty: 0 Points Earned: 20
Completed!
Background
In this task, you are going to attach newly created Entry Gate (ENI) to the Palace (EC2).
Your Task
Attach the newly created ENI to “Palace” Instance.
Inventory
EC2 - Network Interfaces
Services you should use
EC2 - Network Interfaces
Task Validation
The task will complete once you correctly attach the ENI to Palace Instance.
Task 4: Modify the Responsibilities (Rules) of Old Guard (Security Group)
Possible Points: 20 Clue Penalty: 0 Points Earned: 20
Completed!
Background
In this task, you are going to modify the responsibilities (Allow only HTTPS access) of old Guard (Security Group) to maximize the security of Palace (EC2).
Your Task
Modify the “Gate 1 Guard (Security Group 1)” Security Group to allow traffic only on TCP port 443 from all IPv4 addresses.
Inventory
EC2 - Security Groups
Services you should use
EC2 - Security Groups
Task Validation
The task will complete once you correctly modify the “Gate 1 Guard” security group. So now single EC2 instance has two network interfaces. One interface is publicly accessible on port 443 and another is only accessible via private ip on port 80. We can use second interface for internal traffic or management purpose.
There is no need to explain. The topic is very clear. As long as you are not lazy, follow the steps