Complete a series of tasks within a limited time to test your VPC skills. Note: This is an advanced lab requiring advanced networking skills.
In this quest, you’ll learn to work with services related to Compute and Networking, including Amazon EC2, Amazon Elastic Load Balancing, and Amazon Virtual Private Cloud (VPC).
Networking is a principle theme of cloud computing—it’s the underlying structure of GCP and it’s what connects all your resources and services to one another. This fundamental-level quest will cover essential GCP networking services and will give you hands-on practice with specialized tools for developing mature networks. From learning the ins-and-outs of VPCs, to creating enterprise-grade load balancers, Networking in the Google Cloud will give you the practical experience needed so you can start building robust networks right away.
Security is an uncompromising feature of Google Cloud Platform services, and GCP has developed specific tools for ensuring safety and identity across your projects. In this fundamental-level quest, you will get hands-on practice with GCP’s Identity and Access Management (IAM) service, which is the go-to for managing user and virtual machine accounts. You will get experience with network security by provisioning VPCs and VPNs, and learn what tools are available for security threat and data loss protections.
This lab provides a overview of building products in Service Catalog.
Security is a top priority for Amazon Web Services (AWS). AWS provides many tools and services to meet your unique security needs. This lab will present a solution, among many, to enhance your security. This lab walks through a method to automatically update your Virtual Private Cloud (VPC) Security Groups to only allow access from Amazon CloudFront and AWS Web Application Firewall (WAF). Defining Security Groups rules this way prevents malicious requests from by-passing AWS WAF security rules and accessing your EC2 instances directly.
This lab leads you through the steps to perform basic audits of core AWS resources. You will use the AWS Management Console to understand how to audit the use of multiple AWS services, Amazon EC2, Amazon VPC, Amazon IAM, Amazon Security Groups, AWS CloudTrail and AWS CloudWatch. This lab will help you understand how you can extend your existing auditing objectives related to organizational Governance, Asset Configuration, Logical Access Controls, Operating Systems, Databases and Applications security configurations within AWS. The skills learned will help provide visibility; testability and automated audit evidence gather capabilities.
This lab leads you through the steps to migrate a Microsoft SQL Server database from a pretend (on-premises) SQL server to a SQL Server in your AWS account. In this lab you will launch a Windows Server 2016 with SQL Server 2017 Express instance into a RemoteVPC. This instance will act as your on-premises SQL Server. You will Install Active Directory Services on your DC instance in your AWS LabVPC and promote it to be a Domain Controller. You will join your AWS SQL Server to your Domain. You will configure remote administrator access to your AWS SQL Server. This will allow you to migrate a database to it. You will install the AdventureWorks database to your Remote SQL Server. You will then migrate the AdventureWorks database from your Remote SQL Server to your AWS SQL Server. Finally, you will verify that the database migrated to the other SQL server by querying the database.
Enforcing the principle of least privilege in Security Groups is an important component in the overall security of an application. This task can become more complicated as an application grows in scope and complexity. In this lab we will walk through using VPC Flow Logs and the Amazon Elasticsearch Service to visualize the usage of Security Groups in order to help identify which rules might be too permissive.
In this Qwiklab, you set up a redundant pair of Windows Domain Controllers (DC) with AD using a new Virtual Private Cloud (VPC) network and multiple subnets on Google Cloud Platform (GCP).