Hands-On Lab: Methods of Deploying and Operating in the AWS Cloud
Methods of deploying and operating in the AWS Cloud
Hands-On Lab: Methods of Deploying and Operating in the AWS Cloud
[!NOTE] Estimated Time: 30 minutes | Difficulty: Guided | Cloud Provider: AWS This lab is designed to help you prepare for the AWS Certified Cloud Practitioner (CLF-C02) exam by exploring Task Statement 3.1: Define methods of deploying and operating in the AWS Cloud.
Prerequisites
Before you begin this lab, ensure you have the following:
- AWS Account: An active AWS account with Administrator or PowerUser IAM permissions.
- AWS CLI: The AWS Command Line Interface installed on your local machine.
- IAM Credentials: Access Key ID and Secret Access Key configured (
aws configure). - Basic Knowledge: Familiarity with the differences between On-Premises, Cloud, and Hybrid deployment models.
Learning Objectives
By completing this lab, you will be able to:
- Compare manual resource deployment (AWS Management Console) with programmatic access (AWS CLI).
- Provision and manage AWS compute and storage resources using command-line tools.
- Understand deployment options and connectivity methods (e.g., AWS VPN, Direct Connect) for Hybrid architectures.
- Clean up provisioned resources to avoid unintended cloud costs.
Architecture Overview
This lab demonstrates the two primary ways Cloud Practitioners interact with AWS environments: Programmatic Access and Web Interface Access.
Additionally, as organizations migrate to the cloud, they adopt various deployment models. The diagram below illustrates the relationship between On-Premises, AWS Cloud, and Hybrid environments.
Step-by-Step Instructions
Step 1: Verify Programmatic Access
Before deploying resources, you must ensure your programmatic access is functioning correctly. The AWS CLI allows you to execute commands locally that authenticate with AWS APIs.
aws sts get-caller-identity📸 Screenshot: Take a screenshot of the JSON output showing your
UserId,Account, andArn.
▶Console alternative
Log into the AWS Management Console. In the top right navigation bar, click on your username or IAM role to view your Account ID and verify your active session.
[!TIP] If you receive an "Unable to locate credentials" error, you need to run
aws configureand provide your Access Key ID, Secret Access Key, and Default Region (e.g.,us-east-1).
Step 2: Deploy a Resource via AWS CLI
Infrastructure as Code (IaC) and the AWS CLI represent repeatable, automatable methods for deploying cloud resources. Let's create an Amazon S3 bucket using the CLI. S3 bucket names must be globally unique.
aws s3api create-bucket \
--bucket brainybee-lab-cli-<YOUR_ACCOUNT_ID> \
--region us-east-1📸 Screenshot: Capture the JSON response showing the
"Location"of your new bucket.
▶Console alternative
- Navigate to
in the AWS Management Console. 2. Click
. 3. Enter `brainybee-lab-console-
as the Bucket name. 4. Selectus-east-1` as the AWS Region.
5. Scroll down and click .
Step 3: Operate and Manage the Resource
Operating in AWS means configuring, updating, and interacting with the resources you deploy. Let's upload a local file to the cloud bucket we just created.
# Create a simple text file
echo "AWS CLI Deployment Test" > lab-test.txt
# Upload the file to S3
aws s3 cp lab-test.txt s3://brainybee-lab-cli-<YOUR_ACCOUNT_ID>/▶Console alternative
- In the S3 Console, click on the bucket you created.
- Click the
button. 3. Click
and select a file from your computer. 4. Click
at the bottom of the screen.
Checkpoints
Let's verify that the operations performed in the steps above were successful. Run the following command to list the contents of your bucket.
aws s3 ls s3://brainybee-lab-cli-<YOUR_ACCOUNT_ID>/Expected Result: You should see the timestamp, file size, and the filename lab-test.txt in your terminal output. If you see this, your programmatic deployment and operation were successful!
Teardown
[!WARNING] Remember to run the teardown commands to avoid ongoing charges. Even though S3 storage is cheap and often covered by the AWS Free Tier, cleaning up is a crucial operational best practice.
To safely delete the resources provisioned during this lab, execute the following commands:
# Delete the object inside the bucket
aws s3 rm s3://brainybee-lab-cli-<YOUR_ACCOUNT_ID>/lab-test.txt
# Delete the empty CLI bucket
aws s3api delete-bucket \
--bucket brainybee-lab-cli-<YOUR_ACCOUNT_ID> \
--region us-east-1▶Console alternative
- Navigate to
in the console. 2. Select your bucket, click
, and confirm deletion of all objects. 3. Select your bucket again, click
, and type the bucket name to confirm.
Troubleshooting
| Common Error | Cause | Fix |
|---|---|---|
Unable to locate credentials | AWS CLI is not configured | Run aws configure and supply your IAM Access Keys. |
AccessDenied | IAM User lacks permissions | Ensure your IAM user has AmazonS3FullAccess or sufficient privileges. |
BucketAlreadyExists | Bucket name is not globally unique | Ensure you append <YOUR_ACCOUNT_ID> or random numbers to your bucket name. |
IllegalLocationConstraintException | Region mismatch | If creating outside us-east-1, you must supply a --create-bucket-configuration LocationConstraint=<region> argument in the CLI. |