Rename exercises dir

Name it instead "topics" so it won't be
strange if some topics included "exercises" directory.

topics/aws/exercises/access_advisor/exercise.md

@@ -0,0 +1,13 @@
+## AWS IAM - Access Advisor
+
+### Objectives
+
+Go to the Access Advisor and answer the following questions regarding one of the users:
+
+1. Are there services this user never accessed?
+2. What was the last service the user has accessed?
+3. What the Access Advisor is used/good for?
+
+## Solution
+
+Click [here to view to solution](solution.md)

topics/aws/exercises/access_advisor/solution.md

@@ -0,0 +1,18 @@
+## AWS IAM - Access Advisor
+
+### Objectives
+
+Go to the Access Advisor and answer the following questions regarding one of the users:
+
+1. Are there services this user never accessed?
+2. What was the last service the user has accessed?
+3. What the Access Advisor is used/good for?
+
+### Solution 
+
+1. Go to AWS IAM service and click on "Users" under "Access Management"
+2. Click on one of the users
+3. Click on the "Access Advisor" tab
+4. Check which service was last accessed and which was never accessed
+
+Access Advisor can be good to evaluate whether there are services the user is not accessing (as in never or not frequently). This can be help in deciding whether some permissions should be revoked or modified.

topics/aws/exercises/alb_multiple_target_groups/exercise.md

@@ -0,0 +1,15 @@
+## AWS ELB - ALB Multiple Target Groups
+
+### Requirements                   
+
+Two EC2 instances with a simple web application that shows the web page with the string "Hey, it's a me, `<HOSTNAME>`!"
+One EC2 instance with a simple web application that shows the web page with the string "Hey, it's only a test..." under the endpoint /test
+
+### Objectives
+
+1. Create an application load balancer for the two instances you have, with the following properties
+  1. healthy threshold: 3
+  2. unhealthy threshold: 3
+  3. interval: 10 seconds
+2. Create another target group for the third instance
+  1. Traffic should be forwarded to this group based on the "/test" path

topics/aws/exercises/alb_multiple_target_groups/solution.md

@@ -0,0 +1,44 @@
+## AWS ELB - ALB Multiple Target Groups
+
+### Requirements                   
+
+Two EC2 instances with a simple web application that shows the web page with the string "Hey, it's a me, `<HOSTNAME>`!"
+One EC2 instance with a simple web application that shows the web page with the string "Hey, it's only a test..." under the endpoint /test
+
+### Objectives
+
+1. Create an application load balancer for the two instances you have, with the following properties
+  1. healthy threshold: 3
+  2. unhealthy threshold: 3
+  3. interval: 10 seconds
+2. Create another target group for the third instance
+  1. Traffic should be forwarded to this group based on the "/test" path
+
+### Solution
+
+#### Console
+
+1. Go to EC2 service
+2. Click in the left side menu on "Load balancers" under "Load balancing"
+3. Click on "Create load balancer"
+4. Choose "Application Load Balancer"
+5. Insert a name for the LB
+6. Choose an AZ where you want the LB to operate
+7. Choose a security group
+8. Under "Listeners and routing" click on "Create target group" and choose "Instances"
+  1. Provide a name for the target group
+  2. Set healthy threshold to 3
+  3. Set unhealthy threshold to 3
+  4. Set interval to 10 seconds
+  5. Click on "Next" and choose two out of three instances you've created
+  6. Click on "Create target group"
+9. Refresh target groups and choose the one you've just created
+10. Click on "Create load balancer" and wait for it to be provisioned
+
+11. In the left side menu click on "Target Groups" under "Load Balancing"
+12. Click on "Create target group"
+13. Set it with the same properties as previous target group but this time, add the third instance that you didn't include in the previous target group
+14. Go back to your ALB and under "Listeners" click on "Edit rules" under your current listener
+  1. Add a rule where if the path is "/test" then traffic should be forwarded to the second target group you've created
+  2. Click on "Save"
+15. Test it by going to the browser, insert the address and add "/test" to the address

topics/aws/exercises/app_load_balancer/exercise.md

@@ -0,0 +1,13 @@
+## AWS ELB - Application Load Balancer 
+
+### Requirements                   
+
+Two EC2 instances with a simple web application that shows the web page with the string "Hey, it's a me, `<HOSTNAME>`!"
+
+### Objectives                     
+
+1. Create an application load balancer for the two instances you have, with the following properties
+  1. healthy threshold: 3
+  2. unhealthy threshold: 3
+  3. interval: 10 seconds
+2. Verify load balancer is working  (= you get reply from both instances at different times)

topics/aws/exercises/app_load_balancer/solution.md

@@ -0,0 +1,35 @@
+## AWS ELB - Application Load Balancer 
+
+### Requirements
+
+Two EC2 instances with a simple web application that shows the web page with the string "Hey, it's a me, `<HOSTNAME>`!"
+
+### Objectives
+
+1. Create an application load balancer for the two instances you have, with the following properties
+  1. healthy threshold: 3
+  2. unhealthy threshold: 3
+  3. interval: 10 seconds
+2. Verify load balancer is working  (= you get reply from both instances at different times)
+
+### Solution
+
+#### Console
+
+1. Go to EC2 service
+2. Click in the left side menu on "Load balancers" under "Load balancing"
+3. Click on "Create load balancer"
+4. Choose "Application Load Balancer"
+5. Insert a name for the LB
+6. Choose an AZ where you want the LB to operate
+7. Choose a security group
+8. Under "Listeners and routing" click on "Create target group" and choose "Instances"
+  1. Provide a name for the target group
+  2. Set healthy threshold to 3
+  3. Set unhealthy threshold to 3
+  4. Set interval to 10 seconds
+  5. Click on "Next" and choose the two of the instances you've created
+  6. Click on "Create target group"
+9. Refresh target groups and choose the one you've just created
+10. Click on "Create load balancer" and wait for it to be provisioned
+11. Copy DNS address and paste it in the browser. If you refresh, you should see different message based on the instance where the traffic was routed to

topics/aws/exercises/asg_dynamic_scaling_policy/exercise.md

@@ -0,0 +1,16 @@
+## AWS Auto Scaling Groups - Dynamic Scaling Policy
+
+### Requirements
+
+1. Existing Auto Scaling Group with maximum capacity set to at least 3
+2. One running EC2 instance with max of 4 CPUs
+
+### Objectives
+
+1. Create a dynamic scaling policy with the following properties
+  1. Track average CPU utilization
+  2. Target value should be 70%
+2. Increase the CPU utilization to at least 70%
+  1. Do you see change in number of instances?
+1. Decrease CPU utilization to less than 70%
+  1. Do you see change in number of instances?

topics/aws/exercises/asg_dynamic_scaling_policy/solution.md

@@ -0,0 +1,37 @@
+## AWS Auto Scaling Groups - Dynamic Scaling Policy
+
+### Requirements
+
+1. Existing Auto Scaling Group with maximum capacity set to at least 3
+2. One running EC2 instance with max of 4 CPUs
+
+### Objectives
+
+1. Create a dynamic scaling policy with the following properties
+  1. Track average CPU utilization
+  2. Target value should be 70%
+2. Increase the CPU utilization to at least 70%
+  1. Do you see change in number of instances?
+1. Decrease CPU utilization to less than 70%
+  1. Do you see change in number of instances?
+
+### Solution
+
+#### Console
+
+1. Go to EC2 service -> Auto Scaling Groups and click on the tab "Automating scaling"
+2. Choose "Target tracking scaling" under "Policy Type"
+3. Set metric type to Average CPU utilization
+4. Set target value to 70% and click on "Create"
+
+1. If you are using Amazon Linux 2, you can stress the instance with the following:
+
+```
+sudo amazon-linux-extras install epel -y
+sudo yum install stress -y
+stress -c 4  # assuming you have 4 CPUs
+```
+2. Yes, additional EC2 instance was added
+
+1. Simply stop the stress command
+2. Yes, one of the EC2 instances was terminated

topics/aws/exercises/aurora_db/exercise.md

@@ -0,0 +1,14 @@
+## AWS Databases - Aurora DB
+
+### Objectives
+
+1. Create an Aurora database with the following properties
+  * Edition: MySQL
+  * Instance type: db.t3.small
+  * A reader node in a different AZ
+  * Public access should be enabled
+  * Port should be set to 3306
+  * DB name: 'db'
+  * Backup retention: 10 days
+
+2. How many instances does your DB cluster has?

topics/aws/exercises/aurora_db/solution.md

@@ -0,0 +1,37 @@
+## AWS Databases - Aurora DB
+
+### Objectives
+
+1. Create an Aurora database with the following properties
+  * Edition: MySQL
+  * Instance type: db.t3.small
+  * A reader node in a different AZ
+  * Public access should be enabled
+  * Port should be set to 3306
+  * DB name: 'db'
+  * Backup retention: 10 days
+
+2. How many instances does your DB cluster has?
+
+### Solution
+
+#### Console
+
+1. Go to RDS service
+2. Click on "Databases" in the left side menu and click on the "Create database" button
+3. Choose "standard create"
+4. Choose "Aurora DB"
+5. Choose "MySQL" edition and "Provisioned" as capacity type
+6. Choose "single-master"
+7. Specify Credentials (master username and password)
+8. Choose DB instance type: Burstable classes, db.t3.small
+9. Choose "Create an Aurora Replica or Reader node in a different AZ"
+10. Choose a default VPC and subnet
+11. Check "Yes" for public access
+12. Database port should be 3306
+13. For authentication, choose "Password and IAM database authentication"
+14. Set initial database name as "db"
+15. Increase backup retention period to 10 days
+16. Click on "Create database" button
+
+1. Two instances - one reader and one writer

topics/aws/exercises/auto_scaling_groups_basics/exercise.md

@@ -0,0 +1,21 @@
+## AWS Auto Scaling Groups - Basics
+
+### Requirements
+
+Zero EC2 instances running
+
+### Objectives
+
+A. Create a scaling group for web servers with the following properties:
+  * Amazon Linux 2 AMI
+  * t2.micro as the instance type
+  * user data:
+```
+yum install -y httpd
+systemctl start httpd
+systemctl enable httpd
+```
+
+B. Were new instances created since you created the auto scaling group? How many? Why?
+C. Change desired capacity to 2. Did it launch more instances?
+D. Change back the desired capacity to 1. What is the result of this action?

topics/aws/exercises/auto_scaling_groups_basics/solution.md

@@ -0,0 +1,48 @@
+## AWS Auto Scaling Groups - Basics
+
+### Requirements
+
+Zero EC2 instances running
+
+### Objectives
+
+A. Create a scaling group for web servers with the following properties:
+  * Amazon Linux 2 AMI
+  * t2.micro as the instance type
+  * user data:
+```
+yum install -y httpd
+systemctl start httpd
+systemctl enable httpd
+```
+
+B. Were new instances created since you created the auto scaling group? How many? Why?
+C. Change desired capacity to 2. Did it launch more instances?
+D. Change back the desired capacity to 1. What is the result of this action?
+
+### Solution
+
+#### Console
+
+A.
+1. Go to EC2 service
+2. Click on "Auto Scaling Groups" under "Auto Scaling"
+3. Click on "Create Auto Scaling Group"
+4. Insert a name
+5. Click on "Create a launch template"
+  1. Insert a name and a version for the template
+  2. Select an AMI to use (Amazon Linux 2)
+  3. Select t2.micro instance type
+  4. Select a key pair
+  5. Attach a security group
+  6. Under "Advanced" insert the user data
+  7. Click on "Create"
+6. Choose the launch template you've just created and click on "Next"
+7. Choose "Adhere to launch template"
+8. Choose in which AZs to launch and click on "Next"
+9. Link it to ALB (if you don't have one, create it)
+10. Mark ELB health check in addition to EC2. Click on "Next" until you reach the review page and click on "Create auto scaling group"
+
+B. One instance was launched to met the criteria of the auto scaling group we've created. The reason it launched only one is due to "Desired capacity" set to 1.
+C. Change it by going to your auto scaling group -> Details -> Edit -> "2 desired capacity". This should create another instance if only one is running
+D. Reducing desired capacity back to 1 will terminate one of the instances (assuming 2 are running).

topics/aws/exercises/budget_setup/exercise.md

@@ -0,0 +1,5 @@
+## AWS - Budget Setup
+
+### Objectives
+
+Setup a cost budget in your AWS account based on your needs.

topics/aws/exercises/budget_setup/solution.md

@@ -0,0 +1,18 @@
+## AWS - Budget Setup
+
+### Objectives
+
+Setup a cost budget in your AWS account based on your needs.
+
+### Solution
+
+1. Go to "Billing"
+2. Click on "Budgets" in the menu
+3. Click on "Create a budget"
+4. Choose "Cost Budget" and click on "Next"
+5. Choose the values that work for you. For example, recurring monthly budget with a specific amount
+6. Insert a budget name and Click on "Next" 
+7. Set up an alert but clicking on "Add an alert threshold"
+  1. Set a threshold (e.g. 75% of budgeted amount)
+  2. Set an email where a notification will be sent
+8. Click on "Next" until you can click on "Create a budget"

topics/aws/exercises/create_ami/exercise.md

@@ -0,0 +1,11 @@
+## EC2 - Create an AMI
+
+### Requirements
+
+One running EC2 instance
+
+### Objectives
+
+1. Make some changes in the operating system of your instance (create files, modify files, ...)
+2. Create an AMI image from running EC2 instance
+3. Launch a new instance using the custom AMI you've created

topics/aws/exercises/create_ami/solution.md

@@ -0,0 +1,20 @@
+## EC2 - Create an AMI
+
+### Requirements
+
+One running EC2 instance
+
+### Objectives
+
+1. Make some changes in the operating system of your instance (create files, modify files, ...)
+2. Create an AMI image from running EC2 instance
+3. Launch a new instance using the custom AMI you've created
+
+### Solution
+
+1. Connect to your EC2 instance (ssh, console, ...)
+2. Make some changes in the operating system
+3. Go to EC2 service
+4. Right click on the instance where you made some changes -> Image and templates ->  Create image
+5. Give the image a name and click on "Create image"
+6. Launch new instance and choose the image you've just created

topics/aws/exercises/create_efs/exercise.md

@@ -0,0 +1,12 @@
+## AWS - Create EFS
+ 
+### Requirements
+
+Two EC2 instances in different availability zones
+
+### Objectives
+
+1. Create an EFS with the following properties
+  1. Set lifecycle management to 60 days
+  2. The mode should match a use case of scaling to high levels of throughput and I/O operations per second
+2. Mount the EFS in both of your EC2 instances

topics/aws/exercises/create_efs/solution.md

@@ -0,0 +1,27 @@
+## AWS - Create EFS
+ 
+### Requirements
+
+Two EC2 instances in different availability zones
+
+### Objectives
+
+1. Create an EFS with the following properties
+  1. Set lifecycle management to 60 days
+  2. The mode should match a use case of scaling to high levels of throughput and I/O operations per second
+2. Mount the EFS in both of your EC2 instances
+ 
+### Solution
+ 
+1. Go to EFS console
+2. Click on "Create file system"
+3. Create on "customize"
+  1. Set lifecycle management to "60 days since last access"
+  2. Set Performance mode to "MAX I/O" due to the requirement of "Scaling to high levels of throughput"
+  3. Click on "Next"
+  4. Choose security group to attach (if you don't have any, create one and make sure it has a rule to allow NFS traffic) and click on "Next" until you are able to review and create it
+5. SSH into your EC2 instances
+  1. Run `sudo yum install -y amazon-efs-utils`
+  2. Run `mkdir efs`
+  3. If you go to your EFS page and click on "Attach", you can see what ways are there to mount your EFS on your instancess
+    1. The command to mount the EFS should be similar to `sudo mount -t efs -o tls <EFS name>:/ efs` - copy and paste it in your ec2 instance's OS

topics/aws/exercises/create_role/exercise.md

@@ -0,0 +1,16 @@
+## AWS - Create a Role
+
+### Objectives
+
+Create a basic role to provide EC2 service with Full IAM access permissions.<br>
+In the end, run from the CLI (or CloudShell) the command to verify the role was created.
+
+### Solution
+
+1. Go to AWS console -> IAM
+2. Click in the left side menu on "Access Manamgement" -> Roles
+3. Click on "Create role"
+3. Choose "AWS service" as the type of trusted entity and then choose "EC2" as a use case. Click on "Next"
+4. In permissions page, check "IAMFullAccess" and click on "Next" until you get to "Review" page
+5. In the "Review" page, give the role a name (e.g. IAMFullAcessEC2), provide a short description and click on "Create role"
+6. `aws iam list-roles` will list all the roles in the account, including the one we've just created.

topics/aws/exercises/create_role/solution.md

@@ -0,0 +1,16 @@
+## AWS - Create a Role
+
+### Objectives
+
+Create a basic role to provide EC2 service with Full IAM access permissions.<br>
+In the end, run from the CLI (or CloudShell) the command to verify the role was created.
+
+### Solution
+
+1. Go to AWS console -> IAM
+2. Click in the left side menu on "Access Manamgement" -> Roles
+3. Click on "Create role"
+3. Choose "AWS service" as the type of trusted entity and then choose "EC2" as a use case. Click on "Next"
+4. In permissions page, check "IAMFullAccess" and click on "Next" until you get to "Review" page
+5. In the "Review" page, give the role a name (e.g. IAMFullAcessEC2), provide a short description and click on "Create role"
+6. `aws iam list-roles` will list all the roles in the account, including the one we've just created.

topics/aws/exercises/create_spot_instances/exercise.md

@@ -0,0 +1,9 @@
+## AWS EC2 - Spot Instances                                                                                                                                                  
+### Objectives             
+
+A. Create two Spot instances using a Spot Request with the following properties:
+
+* Amazon Linux 2 AMI
+* 2 instances as target capacity (at any given point of time) while each one has 2 vCPUs and 3 GiB RAM
+
+B. Create a single Spot instance using Amazon Linux 2 and t2.micro

topics/aws/exercises/create_spot_instances/solution.md

@@ -0,0 +1,35 @@
+## AWS EC2 - Spot Instances                                                                                                                                                  
+### Objectives             
+
+A. Create two Spot instances using a Spot Request with the following properties:
+
+* Amazon Linux 2 AMI
+* 2 instances as target capacity (at any given point of time) while each one has 2 vCPUs and 3 GiB RAM
+
+B. Create a single Spot instance using Amazon Linux 2 and t2.micro
+
+### Solution               
+
+A. Create Spot Fleets:
+
+1. Go to EC2 service
+2. Click on "Spot Requests"
+3. Click on "Request Spot Instances" button
+4. Set the following values for parameters:
+  * Amazon Linux 2 AMI
+  * Total target capacity -> 2
+  * Check "Maintain target capacity"
+  * vCPUs: 2
+  * Memory: 3 GiB RAM
+5. Click on Launch
+
+B. Create a single Spot instance:
+
+1. Go to EC2 service
+2. Click on "Instances"
+3. Click on "Launch Instances"
+4. Choose "Amazon Linux 2 AMI" and click on "Next"
+5. Choose t2.micro and click on "Next: Configure Instance Details"
+6. Select "Request Spot instances" 
+7. Set Maximum price above current price
+8. Click on "Review and Launch"

topics/aws/exercises/create_user/exercise.md

@@ -0,0 +1,9 @@
+## IAM AWS - Create a User
+
+### Objectives
+
+As you probably know at this point, it's not recommended to work with the root account in AWS. For this reason you are going to create a new account which you'll use regularly as the admin account.
+
+1. Create a user with password credentials
+2. Add the newly created user to a group called "admin" and attach to it the policy called "Administrator Access"
+3. Make sure the user has a tag called with the key `Role` and the value `DevOps`

topics/aws/exercises/create_user/solution.md

@@ -0,0 +1,25 @@
+## IAM AWS - Create a User
+
+### Objectives
+
+As you probably know at this point, it's not recommended to work with the root account in AWS. For this reason you are going to create a new account which you'll use regularly as the admin account.
+
+1. Create a user with password credentials
+2. Add the newly created user to a group called "admin" and attach to it the policy called "Administrator Access"
+3. Make sure the user has a tag called with the key `Role` and the value `DevOps`
+
+
+### Solution
+
+1. Go to the AWS IAM service
+2. Click on "Users" in the right side menu (right under "Access Management")
+3. Click on the button "Add users"
+4. Insert the user name (e.g. mario)
+5. Select the credential type: "Password"
+6. Set console password to custom and click on "Next"
+7. Click on "Add user to group"
+8. Insert "admin" as group name
+9. Check the "AdministratorAccess" policy and click on "Create group"
+10. Click on "Next: Tags"
+11. Add a tag with the key `Role` and the value `DevOps`
+12. Click on "Review" and then create on "Create user"

topics/aws/exercises/creating_records/exercise.md

@@ -0,0 +1,14 @@
+## AWS Route 53 - Creating Records
+
+### Requirements
+
+At least one registered domain
+
+### Objectives
+
+1. Create the following record for your domain:
+  1. Record name: foo
+  2. Record type: A
+  3. Set some IP in the value field
+
+2. Verify from the shell that you are able to use the record you've created to lookup for the IP address by using the domain name

topics/aws/exercises/creating_records/solution.md

@@ -0,0 +1,26 @@
+## AWS Route 53 - Creating Records
+
+### Requirements
+
+At least one registered domain
+
+### Objectives
+
+1. Create the following record for your domain:
+  1. Record name: foo
+  2. Record type: A
+  3. Set some IP in the value field
+
+2. Verify from the shell that you are able to use the record you've created to lookup for the IP address by using the domain name
+
+### Solution
+
+1. Go to Route 53 service -> Hosted zones
+2. Click on your domain name
+3. Click on "Create record"
+4. Insert "foo" in "Record name"
+5. Set "Record type" to A
+6. In "Value" insert "201.7.20.22"
+7. Click on "Create records"
+
+1. In your shell, type `nslookup foo.<YOUR DOMAIN>` or `dig foo.<YOUR NAME`

topics/aws/exercises/credential_report/exercise.md

@@ -0,0 +1,9 @@
+## AWS - Credential Report
+
+### Objectives
+
+1. Create/Download a credential report
+2. Answer the following questions based on the report:
+  1. Are there users with MFA not activated?
+  2. Are there users with password enabled that didn't 
+3. Explain the use case for using the credential report

topics/aws/exercises/credential_report/solution.md

@@ -0,0 +1,18 @@
+## AWS - Credential Report
+
+### Objectives
+
+1. Create/Download a credential report
+2. Answer the following questions based on the report:
+  1. Are there users with MFA not activated?
+  2. Are there users with password enabled that didn't 
+3. Explain the use case for using the credential report
+
+### Solution
+
+1. Go to the AWS IAM service
+2. Under "Access Reports" click on "Credential report"
+3. Click on "Download Report" and open it once it's downloaded
+4. Answer the questions in this exercises by inspecting the report
+
+The credential report is useful to identify whether there any users who need assistance or attention in regards to their security. For example a user who didn't change his password for a long time and didn't activate MFA.

topics/aws/exercises/ebs_volume_creation/exercise.md

@@ -0,0 +1,13 @@
+## AWS EC2 - EBS Volume Creation
+
+### Requirements
+
+One EC2 instance that you can get rid of :)
+
+### Objectives
+
+1. Create a volume in the same AZ as your instance, with the following properties:
+  1. gp2 volume type
+  2. 4 GiB size
+2. Once created, attach it to your EC2 instance
+3. Remove your EC2 instance. What happened to the EBS volumes attached to the EC2 instance?

topics/aws/exercises/ebs_volume_creation/solution.md

@@ -0,0 +1,29 @@
+## AWS EC2 - EBS Volume Creation
+
+### Requirements
+
+One EC2 instance that you can get rid of :)
+
+### Objectives
+
+1. Create a volume in the same AZ as your instance, with the following properties:
+  1. gp2 volume type
+  2. 4 GiB size
+2. Once created, attach it to your EC2 instance
+3. Remove your EC2 instance. What happened to the EBS volumes attached to the EC2 instance?
+
+### Solution
+
+1. Go to EC2 service
+2. Click on "Volumes" under "Elastic Block Store"
+3. Click on "Create Volume"
+4. Select the following properties 
+  1. gp2 volume type
+  2. 4 GiB size
+  3. The same AZ as your instance
+5. Click on "Create volume"
+6. Right click on the volume you've just created -> attach volume -> choose your EC2 instance and click on "Attach"
+7. Terminate your instance
+8. The default EBS volume (created when you launched the instance for the first time) will be deleted (unless you didn't check "Delete on termination"), but the volume you've created as part of this exercise, will remain
+
+Note: don't forget to remove the EBS volume you've created in this exercise

topics/aws/exercises/ec2_iam_roles/exercise.md

@@ -0,0 +1,11 @@
+## AWS EC2 - IAM Roles
+ 
+### Requirements
+ 
+1. Running EC2 instance without any IAM roles (so you if you connect the instance and try to run AWS commands, it fails)
+2. IAM role with "IAMReadOnlyAccess" policy
+ 
+### Objectives
+
+1. Attach a role (and if such role doesn't exists, create it) with "IAMReadOnlyAccess" policy to the EC2 instance
+2. Verify you can run AWS commands in the instance

topics/aws/exercises/ec2_iam_roles/solution.md

@@ -0,0 +1,21 @@
+## AWS EC2 - IAM Roles
+ 
+### Requirements
+ 
+1. Running EC2 instance without any IAM roles (so you if you connect the instance and try to run AWS commands, it fails)
+2. IAM role with "IAMReadOnlyAccess" policy
+ 
+### Objectives
+
+1. Attach a role (and if such role doesn't exists, create it) with "IAMReadOnlyAccess" policy to the EC2 instance
+2. Verify you can run AWS commands in the instance
+ 
+### Solution
+
+#### Console
+
+1. Go to EC2 service
+2. Click on the instance to which you would like to attach the IAM role
+3. Click on "Actions" -> "Security" -> "Modify IAM Role" 
+4. Choose the IAM role with "IAMReadOnlyAccess" policy and click on "Save"
+5. Running AWS commands now in the instance should work fine (e.g. `aws iam list-users`)

topics/aws/exercises/ecs_task/exercise.md

@@ -0,0 +1,9 @@
+## AWS Containers - Run Tasks
+
+Note: this costs money
+
+### Objectives
+
+Create a task in ECS to launch in Fargate.
+
+The task itself can be a sample app.

topics/aws/exercises/ecs_task/solution.md

@@ -0,0 +1,26 @@
+## AWS Containers - Run Tasks
+
+Note: this costs money
+
+### Objectives
+
+Create a task in ECS to launch in Fargate.
+
+The task itself can be a sample app.
+
+### Solution
+
+#### Console
+
+1. Go to Elastic Container Service page
+2. Click on "Get Started"
+3. Choose "sample-app"
+4. Verify it's using Farget and not ECS (EC2 Instance) and click on "Next"
+5. Select "None" in Load balancer type and click on "Next"
+6. Insert cluster name (e.g. my_cluster) and click on "Next"
+7. Review everything and click on "Create"
+8. Wait for everything to complete
+
+1. Go to clusters page and check the status of the task (it will take a couple of seconds/minutes before changing to "Running")
+
+1. Click on the task and you'll see the launch type is Fargate

topics/aws/exercises/elastic_beanstalk_simple/exercise.md

@@ -0,0 +1,18 @@
+## AWS Elastic Beanstalk - Node.js
+
+### Requirements
+ 
+1. Having a running node.js application on AWS Elastic Beanstalk platform
+ 
+### Objectives
+
+1. Create an AWS Elastic Beanstalk application with the basic properties
+a. No ALB, No Database, Just use the default platform settings
+
+### Out of scope
+
+1. Having ALB attached in place
+2. Having custom domain name in place
+3. Having automated pipelines in place
+4. Having blue-green deployment in place
+5. Writing the Node.js application

topics/aws/exercises/elastic_beanstalk_simple/solution.md

@@ -0,0 +1,52 @@
+## AWS Elastic Beanstalk - Node.js
+
+### Prerequisites
+1. make sure the node.js application has a _npm start_ command specified in the __package.json__ file like the following example
+```
+{
+
+  "name": "application-name",
+  "version": "0.0.1",
+  "private": true,
+  "scripts": {
+    "start": "node app"
+  },
+  "dependencies": {
+    "express": "3.1.0",
+    "jade": "*",
+    "mysql": "*",
+    "async": "*",
+    "node-uuid": "*"
+} 
+```
+2. zip the application, and make sure to not zip the parent folder, only the files together, like:
+
+```
+\Parent - (exclude the folder itself from the the zip)
+- file1 - (include in zip)
+- subfolder1 (include in zip)
+- file2 (include in zip)
+- file3 (include in zip)
+```
+
+### Solution
+
+1. Create a "New Environment"
+2. Select Environment => _Web Server Environment_
+3. Fill the Create a web server environment section
+a. Fill the "Application Name"
+4. Fill the Environment information section
+a. Fill the "Environment Name"
+b. Domain - "Leave for autogenerated value"
+5. Platform
+a. Choose Platform => _node.js_
+6. Application Code => upload the Zipped Code from your local computer
+7. Create Environment
+8. Wait for the environment to come up
+9. Check the website
+a. Navigate to the _Applications_ tab, 
+b. select the recently created node.js app
+c. click on the URL - highlighted
+
+### Documentation
+[Elastic Beanstalk / Node.js getting started](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/nodejs-getstarted.html)

topics/aws/exercises/elastic_ip/exercise.md

@@ -0,0 +1,10 @@
+## AWS EC2 - Elastic IP
+
+### Requirements
+
+* An EC2 instance with public IP (not elastic IP)
+
+### Objectives
+
+1. Write down the public IP of your EC2 instance somewhere and stop & start the instance. Does the public IP address is the same? why?
+2. Handle this situation so you have the same public IP even after stopping and starting the instance

topics/aws/exercises/elastic_ip/solution.md

@@ -0,0 +1,28 @@
+## AWS EC2 - Elastic IP
+
+### Requirements
+
+* An EC2 instance with public IP (not elastic IP)
+
+### Objectives
+
+1. Write down the public IP of your EC2 instance somewhere and stop & start the instance. Does the public IP address is the same? why?
+2. Handle this situation so you have the same public IP even after stopping and starting the instance
+
+### Solution
+
+1. Go to EC2 service -> Instances
+  1. Write down current public IP address
+  2. Click on "Instance state" -> Stop instance -> Stop
+  3. Click on "Instance state" -> Start Instance
+  4. Yes, the public IP address has changed
+2. Let's use an Elastic IP address
+  1. In EC2 service, under "Network & Security" click on "Elastic IP"
+  2. Click on the "Allocate elastic IP address" button
+  3. Make sure you select "Amazon's pool of IPv4 addresses" and click on "Allocate"
+  4. Click on "Actions" and then "Associate Elastic IP address"
+    1. Select "instance", choose your instance and provide its private IP address
+    2. Click on "Associate"
+  5. Now, if we go back to the instance page, we can see it is using the Elastic IP address as its public IP
+
+Note: to remove it, use "disassociate" option and don't forget to also release it so you won't be billed.

topics/aws/exercises/elastic_network_interfaces/exercise.md

@@ -0,0 +1,10 @@
+## AWS EC2 - Elastic Network Interfaces
+
+### Requirements
+
+* An EC2 instance with network interface
+
+### Objectives
+
+A. Create a network interface and attach it to the EC2 instance that already has one network interface
+B. Explain why would anyone use two network interfaces

topics/aws/exercises/elastic_network_interfaces/solution.md

@@ -0,0 +1,25 @@
+## AWS EC2 - Elastic Network Interfaces
+
+### Requirements
+
+* An EC2 instance with network interface
+
+### Objectives
+
+A. Create a network interface and attach it to the EC2 instance that already has one network interface
+B. Explain why would anyone use two network interfaces
+
+### Solution
+
+A.
+1. Go to EC2 service
+2. Click on "Network Interfaces" under "Network & Security"
+3. Click on "Create network interface"
+4. Provide a description
+5. Choose a subnet (one that is in the AZ as the instance)
+6. Optionally attach a security group and click on "Create network interface"
+7. Click on "Actions" -> "Attach" and choose the instance to attach it to
+8. If you go now to "Instances" page you'll see your instance has two network interfaces
+
+B.
+1. You can move the second network interface between instances. This allows us to create kind of a failover mechanism between the instances.

topics/aws/exercises/elasticache/exercise.md

@@ -0,0 +1,7 @@
+## AWS ElastiCache
+
+### Objectives
+
+1. Create ElastiCache Redis
+  * Instance type should be "cache.t2.micro"
+  * Replicas should be 0

topics/aws/exercises/elasticache/solution.md

@@ -0,0 +1,20 @@
+## AWS ElastiCache
+
+### Objectives
+
+1. Create ElastiCache Redis
+  * Instance type should be "cache.t2.micro"
+  * Replicas should be 0
+
+### Solution
+
+#### Console
+
+1. Go to ElastiCache service
+2. Click on "Get Started Now"
+3. Choose "Redis"
+4. Insert a name and description
+5. Choose "cache.t2.micro" an node type
+6. Set number of replicas to 0
+7. Create new subnet group
+8. Click on "Create"

topics/aws/exercises/health_checks/exercise.md

@@ -0,0 +1,14 @@
+## AWS Route 53 - Health Checks
+
+## Requirements
+
+3 web instances in different AZs.
+
+## Objectives 
+
+1. For each instance create a health checks with the following properties:
+  1. Name it after the AZ where the instance resides
+  2. Failure threshold should be 5
+
+2. Edit the security group of one of your instances and remove HTTP rules.
+  1. Did it change the status of the health check?

topics/aws/exercises/health_checks/solution.md

@@ -0,0 +1,33 @@
+## AWS Route 53 - Health Checks
+
+## Requirements
+
+3 web instances in different AZs.
+
+## Objectives 
+
+1. For each instance create a health checks with the following properties:
+  1. Name it after the AZ where the instance resides
+  2. Failure threshold should be 5
+
+2. Edit the security group of one of your instances and remove HTTP rules.
+  1. Did it change the status of the health check?
+
+### Solution
+
+#### Console
+
+1. Go to Route 53
+2. Click on "Health Checks" in the left-side menu
+3. Click on "Create health check"
+4. Insert the name: us-east-2
+5. What to monitor: endpoint
+6. Insert the IP address of the instance
+7. Insert the endpoint /health if your web instance supports that endpoint
+8. In advanced configuration, set Failure threshold to 5
+9. Click on "next" and then on "Create health check"
+10. Repeat steps 1-9 for the other two instances you have
+
+1. Go to security group of one of your instances
+2. Click on "Actions" -> Edit inbound rules -> Delete HTTP based rules
+3. Go back to health checks page and after a couple of seconds you should see that the status becomes "unhealthy"

topics/aws/exercises/hello_function/exercise.md

@@ -0,0 +1,3 @@
+## Hello Function
+
+Create a basic AWS Lambda function that when given a name, will return "Hello <NAME>"

topics/aws/exercises/hello_function/solution.md

@@ -0,0 +1,49 @@
+## Hello Function - Solution
+
+### Exercise
+
+Create a basic AWS Lambda function that when given a name, will return "Hello <NAME>"
+
+### Solution
+
+#### Define a function
+
+1. Go to Lambda console panel and click on `Create function`
+  1. Give the function a name like `BasicFunction`
+  2. Select `Python3` runtime
+  3. Now to handle function's permissions, we can attach IAM role to our function either by setting a role or creating a new role. I selected "Create a new role from AWS policy templates"
+  4. In "Policy Templates" select "Simple Microservice Permissions"
+
+1. Next, you should see a text editor where you will insert a code similar to the following
+
+#### Function's code
+```
+import json
+
+
+def lambda_handler(event, context):
+    firstName = event['name']
+    return 'Hello ' + firstName
+```
+2. Click on "Create Function"
+
+#### Define a test
+
+1. Now let's test the function. Click on "Test".
+2. Select "Create new test event"
+3. Set the "Event name" to whatever you'd like. For example "TestEvent"
+4. Provide keys to test
+
+```
+{
+  "name": 'Spyro'
+}
+```
+5. Click on "Create"
+
+#### Test the function
+
+1. Choose the test event you've create (`TestEvent`)
+2. Click on the `Test` button
+3. You should see something similar to `Execution result: succeeded`
+4. If you'll go to AWS CloudWatch, you should see a related log stream 

topics/aws/exercises/hibernate_instance/exercise.md

@@ -0,0 +1,8 @@
+## AWS EC2 - Hibernate an Instance
+
+### Objectives
+
+1. Create an instance that supports hibernation
+2. Hibernate the instance
+3. Start the instance
+4. What way is there to prove that instance was hibernated from OS perspective?

topics/aws/exercises/hibernate_instance/solution.md

@@ -0,0 +1,25 @@
+## AWS EC2 - Hibernate an Instance
+
+### Objectives
+
+1. Create an instance that supports hibernation
+2. Hibernate the instance
+3. Start the instance
+4. What way is there to prove that instance was hibernated from OS perspective?
+
+### Solution
+
+1. Create an instance that supports hibernation
+  1. Go to EC2 service
+  2. Go to instances and create an instance
+  3. In "Configure instance" make sure to check "Enable hibernation as an additional stop behavior"
+  4. In "Add storage", make sure to encrypt EBS and make sure the size > instance RAM size (because hibernation saves the RAM state)
+  5. Review and Launch
+
+2. Hibernate the instance
+  1. Go to the instance page
+  2. Click on "Instance state" -> "Hibernate instance" -> Hibernate
+
+3. Instance state -> Start
+
+4. Run the "uptime" command, which will display the amount of time the system was up

topics/aws/exercises/launch_ec2_web_instance/exercise.md

@@ -0,0 +1,15 @@
+## AWS - Launch EC2 Web Instance
+
+### Objectives
+
+Launch one EC2 instance with the following requirements:
+
+1. Amazon Linux 2 image
+2. Instance type: pick up one that has 1 vCPUs and 1 GiB memory
+3. Instance storage should be deleted upon the termination of the instance
+4. When the instance starts, it should install:
+  1. Install the httpd package
+  2. Start the httpd service
+  3. Make sure the content of /var/www/html/index.html is `I made it! This is is awesome!`
+5. It should have the tag: "Type: web" and the name of the instance should be "web-1"
+6. HTTP traffic (port 80) should be accepted from anywhere

topics/aws/exercises/launch_ec2_web_instance/solution.md

@@ -0,0 +1,39 @@
+## AWS - Launch EC2 Web Instance
+
+### Objectives
+
+Launch one EC2 instance with the following requirements:
+
+1. Amazon Linux 2 image
+2. Instance type: pick up one that has 1 vCPUs and 1 GiB memory
+3. Instance storage should be deleted upon the termination of the instance
+4. When the instance starts, it should install:
+  1. Install the httpd package
+  2. Start the httpd service
+  3. Make sure the content of /var/www/html/index.html is `I made it! This is is awesome!`
+5. It should have the tag: "Type: web" and the name of the instance should be "web-1"
+6. HTTP traffic (port 80) should be accepted from anywhere
+
+### Solution
+
+1. Choose a region close to you 
+2. Go to EC2 service
+3. Click on "Instances" in the menu and click on "Launch instances"
+4. Choose image: Amazon Linux 2
+5. Choose instance type: t2.micro 
+6. Make sure "Delete on Termination" is checked in the storage section
+7. Under the "User data" field the following:
+
+```
+yum update -y
+yum install -y httpd
+systemctl start httpd
+systemctl enable httpd
+echo "<h1>I made it! This is is awesome!</h1>" > /var/www/html/index.html
+```
+8. Add tags with the following keys and values:
+  * key "Type" and the value "web"
+  * key "Name" and the value "web-1"
+9. In the security group section, add a rule to accept HTTP traffic (TCP) on port 80 from anywhere
+10. Click on "Review" and then click on "Launch" after reviewing.
+11. If you don't have a key pair, create one and download it.

topics/aws/exercises/mysql_db/exercise.md

@@ -0,0 +1,14 @@
+## AWS Databases - MySQL DB
+
+### Objectives
+
+1. Create a MySQL database with the following properties
+  * Instance type: db.t2.micro
+  * gp2 storage
+  * Storage Auto scaling should be enabled and threshold should be set to 500 GiB
+  * Public access should be enabled
+  * Port should be set to 3306
+  * DB name: 'db'
+  * Backup retention: 10 days
+
+2. Create read replica for the database you've created

topics/aws/exercises/mysql_db/solution.md

@@ -0,0 +1,42 @@
+## AWS Databases - MySQL DB
+
+### Objectives
+
+1. Create a MySQL database with the following properties
+  * Instance type: db.t2.micro
+  * gp2 storage
+  * Storage Auto scaling should be enabled and threshold should be set to 500 GiB
+  * Public access should be enabled
+  * Port should be set to 3306
+  * DB name: 'db'
+  * Backup retention: 10 days
+
+2. Create read replica for the database you've created
+
+### Solution
+
+#### Console
+
+1. Go to RDS service
+2. Click on "Databases" in the left side menu and click on the "Create database" button
+3. Choose "standard create"
+4. Choose "MySQL" and the recommended version
+5. Choose "Production" template
+6. Specify DB instance identifier
+7. Specify Credentials (master username and password)
+8. Choose DB instance type: Burstable classes, db.t2.micro
+9. Choose "gp2" as storage
+10. Enable storage autoscalling: maximum storage threshold of 500 GiB
+11. Choose "Do not create a standby instance"
+12. Choose a default VPC and subnet
+12. Check "Yes" for public access
+13. Choose "No preference" for AZ
+14. Database port should be 3306
+15. For authentication, choose "Password and IAM database authentication"
+16. Set initial database name as "db"
+17. Increase backup retention period to 10 days
+18. Click on "Create database" button
+
+1. Go to the database under "Databases" in the left side menu
+2. Click on "Actions" -> Create read replica
+3. Click on "Create read replica"

topics/aws/exercises/network_load_balancer/exercise.md

@@ -0,0 +1,13 @@
+## AWS ELB - Network Load Balancer
+
+### Requirements                   
+
+Two running EC2 instances
+
+### Objectives
+
+1. Create a network load balancer 
+  1. healthy threshold: 3
+  2. unhealthy threshold: 3
+  3. interval: 10 seconds
+  4. Listener should be using TCP protocol on port 80

topics/aws/exercises/network_load_balancer/solution.md

@@ -0,0 +1,35 @@
+## AWS ELB - Network Load Balancer
+
+### Requirements                   
+
+Two running EC2 instances
+
+### Objectives
+
+1. Create a network load balancer 
+  1. healthy threshold: 3
+  2. unhealthy threshold: 3
+  3. interval: 10 seconds
+  4. Listener should be using TCP protocol on port 80
+
+### Solution
+
+#### Console
+
+1. Go to EC2 service
+2. Click in the left side menu on "Load balancers" under "Load balancing"
+3. Click on "Create load balancer"
+4. Choose "Network Load Balancer"
+5. Insert a name for the LB
+6. Choose AZs where you want the LB to operate
+7. Choose a security group
+8. Under "Listeners and routing" click on "Create target group" and choose "Instances"
+  1. Provide a name for the target group
+  2. Set healthy threshold to 3
+  3. Set unhealthy threshold to 3
+  4. Set interval to 10 seconds
+  5. Set protocol to TCP and port to 80
+  6. Click on "Next" and choose two instances you have
+  7. Click on "Create target group"
+9. Refresh target groups and choose the one you've just created
+10. Click on "Create load balancer" and wait for it to be provisioned

topics/aws/exercises/new_vpc/exercise.md

@@ -0,0 +1,6 @@
+## AWS VPC - My First VPC
+
+### Objectives
+
+1. Create a new VPC
+  1. It should have a CIDR that supports using at least 60,000 hosts

topics/aws/exercises/new_vpc/solution.md

@@ -0,0 +1,17 @@
+## AWS VPC - My First VPC
+
+### Objectives
+
+1. Create a new VPC
+  1. It should have a CIDR that supports using at least 60,000 hosts
+
+### Solution
+
+#### Console
+
+1. Under "Virtual Private Cloud" click on "Your VPCs"
+2. Click on "Create VPC"
+3. Insert a name (e.g. someVPC)
+4. Insert IPv4 CIDR block: 10.0.0.0/16
+5. Keep "Tenancy" at Default
+6. Click on "Create VPC"

topics/aws/exercises/no_application/exercise.md

@@ -0,0 +1,8 @@
+## No Application :'(
+
+### Objectives
+
+Explain what might be possible reasons for the following issues:
+
+1. Getting "time out" when trying to reach an application running on EC2 instance
+2. Getting "connection refused" error

topics/aws/exercises/no_application/solution.md

@@ -0,0 +1,21 @@
+## No Application :'(
+
+### Objectives
+
+Explain what might be possible reasons for the following issues:
+
+1. Getting "time out" when trying to reach an application running on EC2 instance
+2. Getting "connection refused" error
+
+### Solution
+
+1. 'Time out' Can be due to one of the following:
+
+  * Security group doesn't allow access
+  * No host (yes, I know. Not the first thing to check and yet...)
+  * Operating system firewall blocking traffic
+
+2. 'Connection refused' can happen due to one of the following:
+
+  * Application didn't launch properly or has some issue (doesn't listens on the designated port)
+  * Firewall replied with a reject instead of dropping the packets

topics/aws/exercises/password_policy_and_mfa/exercise.md

@@ -0,0 +1,12 @@
+## AWS IAM - Password Policy & MFA
+
+Note: DON'T perform this exercise unless you understand what you are doing and what is the outcome of applying these changes to your account
+
+### Objectives
+
+1. Create password policy with the following settings:
+  1. At least minimum 8 characters
+  2. At least one number
+  3. Prevent password reuse
+
+2. Then enable MFA for the account.

topics/aws/exercises/password_policy_and_mfa/solution.md

@@ -0,0 +1,32 @@
+## AWS IAM - Password Policy & MFA
+
+Note: DON'T perform this exercise unless you understand what you are doing and what is the outcome of applying these changes to your account
+
+### Objectives
+
+1. Create password policy with the following settings:
+  1. At least minimum 8 characters
+  2. At least one number
+  3. Prevent password reuse
+
+2. Then enable MFA for the account.
+
+### Solution
+
+Password Policy:
+
+1. Go to IAM service in AWS
+2. Click on "Account settings" under "Access management"
+3. Click on "Change password policy"
+  1. Check "Enforce minimum password length" and set it to 8 characters
+  1. Check "Require at least one number"
+  1. Check "Prevent password reuse"
+4. Click on "Save changes"
+
+MFA:
+
+1. Click on the account name
+2. Click on "My Security Credentials"
+3. Expand "Multi-factor authentication (MFA)" and click on "Activate MFA"
+4. Choose one of the devices
+5. Follow the instructions to set it up and click on "Assign MFA"

topics/aws/exercises/placement_groups/exercise.md

@@ -0,0 +1,6 @@
+## AWS EC2 - Placement Groups          
+
+### Objectives                      
+
+A. Create a placement group. It should be one with a low latency network. Make sure to launch an instance as part of this placement group.
+B. Create another placement group. This time high availability is a priority

topics/aws/exercises/placement_groups/solution.md

@@ -0,0 +1,23 @@
+## AWS EC2 - Placement Groups          
+
+### Objectives                      
+
+A. Create a placement group. It should be one with a low latency network. Make sure to launch an instance as part of this placement group.
+B. Create another placement group. This time high availability is a priority
+
+### Solution                        
+
+A.
+1. Go to EC2 service
+2. Click on "Placement Groups" under "Network & Security"
+3. Click on "Create placement group"
+4. Give it a name and choose the "Cluster" placement strategy because the requirement is low latency network
+5. Click on "Create group"
+6. Go to "Instances" and click on "Launch an instance". Choose any properties you would like, just make sure to check "Add instance to placement group" and choose the placement group you've created
+
+B.
+1. Go to EC2 service
+2. Click on "Placement Groups" under "Network & Security"
+3. Click on "Create placement group"
+4. Give it a name and choose the "Spread" placement strategy because the requirement is high availability as top priority
+5. Click on "Create group"

topics/aws/exercises/register_domain/exercise.md

@@ -0,0 +1,9 @@
+## AWS Route 53 - Register Domain
+
+### Objectives
+
+Note: registering domain costs money. Don't do this exercise, unless you understand that you are going to register a domain and it's going to cost you money.
+
+1. Register your own custom domain using AWS Route 53
+2. What is the type of your domain?
+3. How many records your domain has?

topics/aws/exercises/register_domain/solution.md

@@ -0,0 +1,27 @@
+## AWS Route 53 - Register Domain
+
+### Objectives
+
+Note: registering domain costs money. Don't do this exercise, unless you understand that you are going to register a domain and it's going to cost you money.
+
+1. Register your own custom domain using AWS Route 53
+2. What is the type of your domain?
+3. How many records your domain has?
+
+### Solution
+
+1. Go to Route 53 service page
+2. Click in the menu on "Registered Domains" under "Domains"
+3. Click on "Register Domain"
+4. Insert your domain
+5. Check if it's available. If it is, add it to the cart 
+
+Note: registering domain costs money. Don't click on "continue", unless you understand that you are going to register a domain and it's going to cost you money.
+
+6. Click on "Continue" and fill in your contact information
+7. Choose if you want to renew it in the future automatically. Accept the terms and click on "Complete Order"
+8. Go to hosted zones and you should see there your newly registered domain
+
+1. The domain type is "Public"
+
+1. The domain has 2 DNS records: NS and SOA

topics/aws/exercises/route_53_failover/exercise.md

@@ -0,0 +1,11 @@
+## AWS Route 53 - Failover
+
+### Requirements
+
+A running EC2 web instance with an health check defined for it in Route 53
+
+### Objectives
+
+1. Create a failover record that will failover to another record if an health check isn't passing
+  1. Make sure TTL is 30
+  2. Associate the failover record with the health check you have

topics/aws/exercises/route_53_failover/solution.md

@@ -0,0 +1,29 @@
+## AWS Route 53 - Failover
+
+### Requirements
+
+A running EC2 web instance with an health check defined for it in Route 53
+
+### Objectives
+
+1. Create a failover record that will failover to another record if an health check isn't passing
+  1. Make sure TTL is 30
+  2. Associate the failover record with the health check you have
+
+### Solution
+
+#### Console
+
+1. Go to Route 53 service
+2. Click on "Hosted Zones" in the left-side menu
+3. Click on your hosted zone
+4. Click on "Created record"
+5. Insert "failover" in record name and set record type to A
+6. Insert the IP of your instance
+7. Set the routing policy to failover
+8. Set TTL to 30
+9. Associate with an health check
+10. Add another record with the same properties as the previous one
+11. Click on "Create records"
+12. Go to your EC2 instance and edit its security group to remove the HTTP rules
+13. Use your web app and if you print the hotsname of your instance then you will notice, a failover was performed and a different EC2 instance is used

topics/aws/exercises/security_groups/exercise.md

@@ -0,0 +1,20 @@
+## AWS EC2 - Security Groups
+
+### Requirements 
+
+For this exercise you'll need:
+
+1. EC2 instance with web application
+2. Security group inbound rules that allow HTTP traffic
+
+### Objectives
+
+1. List the security groups you have in your account, in the region you are using
+2. Remove the HTTP inbound traffic rule
+3. Can you still access the application? What do you see/get?
+4. Add back the rule
+5. Can you access the application now?
+
+## Solution
+
+Click [here to view to solution](solution.md)

topics/aws/exercises/security_groups/solution.md

@@ -0,0 +1,55 @@
+## AWS EC2 - Security Groups
+
+### Requirements 
+
+For this exercise you'll need:
+
+1. EC2 instance with web application
+2. Security group inbound rules that allow HTTP traffic
+
+### Objectives
+
+1. List the security groups you have in your account, in the region you are using
+2. Remove the HTTP inbound traffic rule
+3. Can you still access the application? What do you see/get?
+4. Add back the rule
+5. Can you access the application now?
+
+### Solution
+
+#### Console
+
+1. Go to EC2 service - > Click on "Security Groups" under "Network & Security"
+   You should see at least one security group. One of them is called "default"
+2. Click on the security group with HTTP rules and click on "Edit inbound rules".
+   Remove the HTTP related rules and click on "Save rules"
+3. No. There is a time out because we removed the rule allowing HTTP traffic.
+4. Click on the security group -> edit inbound rules and add the following rule:
+  * Type: HTTP
+  * Port range: 80
+  * Source: Anywhere -> 0.0.0.0/0
+5. yes
+
+#### CLI
+
+1. `aws ec2 describe-security-groups` -> by default, there is one security group called "default", in a new account
+2. Remove the rule:
+
+```
+aws ec2 revoke-security-group-ingress \
+    --group-name someHTTPSecurityGroup
+    --protocol tcp \
+    --port 80 \
+    --cidr 0.0.0.0/0
+```
+3. No. There is a time out because we removed the rule allowing HTTP traffic.
+4. Add the rule we remove:
+
+```
+aws ec2 authorize-security-group-ingress \
+    --group-name someHTTPSecurityGroup
+    --protocol tcp \
+    --port 80 \
+    --cidr 0.0.0.0/0
+```
+5. yes

topics/aws/exercises/snapshots/exercise.md

@@ -0,0 +1,16 @@
+## AWS EC2 - EBS Snapshots
+
+### Requirements
+
+EBS Volume
+
+### Objectives
+
+A. Create a snapshot of an EBS volume
+B. Verify the snapshot was created
+C. Move the data to another region
+D. Create a volume out of it in a different AZ
+
+## Solution
+
+Click [here to view to solution](solution.md)

topics/aws/exercises/snapshots/solution.md

@@ -0,0 +1,33 @@
+## AWS EC2 - EBS Snapshots
+
+### Requirements
+
+EBS Volume
+
+### Objectives
+
+A. Create a snapshot of an EBS volume
+B. Verify the snapshot was created
+C. Move the data to another region
+D. Create a volume out of it in a different AZ
+
+### Solution
+
+A.
+1. Go to EC2 service
+2. Click on "Volumes" under "Elastic Block Store"
+3. Right click on the chosen volume -> Create snapshot
+4. Insert a description and click on "Create Snapshot"
+
+B.
+1. Click on "Snapshots" under "Elastic Block Store"
+2. You should see the snapshot you've created
+
+C.
+1. Select the snapshot and click on Actions -> Copy
+2. Select a region to where the snapshot will be copied
+
+D.
+1. Select the snapshot and click on Actions -> Create volume
+2. Choose a different AZ
+3. Click on "Create Volume"

topics/aws/exercises/subnets/exercise.md

@@ -0,0 +1,23 @@
+## AWS VPC - Subnets
+
+### Requirements
+
+Single newly created VPC
+
+### Objectives
+
+1. Create a subnet in your newly created VPC
+  1. CIDR: 10.0.0.0/24
+  2. Name: NewSubnet1
+2. Create additional subnet
+  1. CIDR: 10.0.1.0/24
+  2. Name: NewSubnet2
+  3. Different AZ compared to previous subnet
+3. Create additional subnet
+  1. CIDR: 10.0.2.0/24
+  2. Name: NewSubnet3
+  3. Different AZ compared to previous subnets
+
+## Solution
+
+Click [here to view to solution](solution.md)

topics/aws/exercises/subnets/solution.md

@@ -0,0 +1,39 @@
+## AWS VPC - Subnets
+
+### Requirements
+
+Single newly created VPC
+
+### Objectives
+
+1. Create a subnet in your newly created VPC
+  1. CIDR: 10.0.0.0/24
+  2. Name: NewSubnet1
+2. Create additional subnet
+  1. CIDR: 10.0.1.0/24
+  2. Name: NewSubnet2
+  3. Different AZ compared to previous subnet
+3. Create additional subnet
+  1. CIDR: 10.0.2.0/24
+  2. Name: NewSubnet3
+  3. Different AZ compared to previous subnets
+
+### Solution
+
+#### Console
+
+1. Click on "Subnets" under "Virtual Private Cloud"
+2. Make sure you filter by your newly created VPC (to not see the subnets in all other VPCs). You can do this in the left side menu
+3. Click on "Create subnet"
+4. Choose your newly created VPC
+5. Set the subnet name to "NewSubnet1"
+6. Choose AZ
+7. Set CIDR to 10.0.0.0/24
+8. Click on "Add new subnet"
+9. Set the subnet name to "NewSubnet2"
+10. Choose a different AZ
+11. Set CIDR to 10.0.1.0/24
+12. Click on "Add new subnet"
+13. Set the subnet name to "NewSubnet3"
+14. Choose a different AZ
+15. Set CIDR to 10.0.2.0/24

topics/aws/exercises/url_function/exercise.md

@@ -0,0 +1,7 @@
+## URL Function
+
+Create a basic AWS Lambda function that will be triggered when you enter a URL in the browser
+
+## Solution
+
+Click [here to view to solution](solution.md)

topics/aws/exercises/url_function/solution.md

@@ -0,0 +1,71 @@
+## URL Function
+
+Create a basic AWS Lambda function that will be triggered when you enter a URL in the browser
+
+### Solution
+
+#### Define a function
+
+1. Go to Lambda console panel and click on `Create function`
+  1. Give the function a name like `urlFunction`
+  2. Select `Python3` runtime
+  3. Now to handle function's permissions, we can attach IAM role to our function either by setting a role or creating a new role. I selected "Create a new role from AWS policy templates"
+  4. In "Policy Templates" select "Simple Microservice Permissions"
+
+1. Next, you should see a text editor where you will insert a code similar to the following
+
+#### Function's code
+```
+import json
+
+
+def lambda_handler(event, context):
+    firstName = event['name']
+    return 'Hello ' + firstName
+```
+2. Click on "Create Function"
+
+#### Define a test
+
+1. Now let's test the function. Click on "Test".
+2. Select "Create new test event"
+3. Set the "Event name" to whatever you'd like. For example "TestEvent"
+4. Provide keys to test
+
+```
+{
+  "name": 'Spyro'
+}
+```
+5. Click on "Create"
+
+#### Test the function
+
+1. Choose the test event you've create (`TestEvent`)
+2. Click on the `Test` button
+3. You should see something similar to `Execution result: succeeded`
+4. If you'll go to AWS CloudWatch, you should see a related log stream
+
+#### Define a trigger
+
+We'll define a trigger in order to trigger the function when inserting the URL in the browser
+
+1. Go to "API Gateway console" and click on "New API Option"
+2. Insert the API name, description and click on "Create"
+3. Click on Action -> Create Resource
+4. Insert resource name and path (e.g. the path can be /hello) and click on "Create Resource"
+5. Select the resource we've created and click on "Create Method"
+6. For "integration type" choose "Lambda Function" and insert the lambda function name we've given to the function we previously created. Make sure to also use the same region
+7. Confirm settings and any required permissions
+8. Now click again on the resource and modify "Body Mapping Templates" so the template includes this:
+
+```
+{ "name": "$input.params('name')" }
+```
+9. Finally save and click on Actions -> Deploy API
+
+#### Running the function
+
+1. In the API Gateway console, in stages menu, select the API we've created and click on the GET option
+2. You'll see an invoke URL you can click on. You might have to modify it to include the input so it looks similar to this: `.../hello?name=mario`
+3. You should see in your browser `Hello Mario`