
Infra Free Solutions (IFS)


DISSERTATION

By
Mohit Agrawal
2013HM15511

Under the supervision of


Dileep Mantena
ENGAGEMENT MANAGER, CLOUD INFRA SERVICES
Dissertation work carried out at
TECH MAHINDRA Limited, Bengaluru

BIRLA INSTITUTE OF TECHNOLOGY AND SCIENCE


Pilani (Rajasthan) INDIA
2017

‘Infra Free Solutions (IFS)’

Submitted in partial fulfillment of the requirements of


M.Tech in Software System Degree Programme


ABSTRACT
Infra Free Solution (IFS) is a proposed model for all IT organizations to automate infrastructure
events. Infra Free Solution (IFS) is a collection of scripts that comprises all the details required
for automating the Infrastructure events, which take place in all IT organizations. Infra Free
Solution (IFS) enables the automation feasibility for daily and repeated events, which consume
most of the time of employees.

Hardware Requirement:

1. 2-3 AWS instances with medium configuration

Technical Keywords:

Amazon Lambda, Amazon CloudWatch, Amazon CloudTrail, SNS, AWS S3, AWS EC-2, VPC,
AWS IAM.

Advantages:

1. Increases efficiency of alert/event management.
2. It also reduces the manual work involved in the processes.
3. Global accessibility to AWS instances.
4. Completely avoids human-prone errors.
5. Improved operations and service delivery.

Existing System:

1. Alerts are manually handled and tracked in the infra.
2. It is prone to errors, as the slightest misconfiguration can lead to critical infra failures.

Proposed System:

1. In the proposed system, we use the AWS Lambda to work synchronously to follow the
standard procedure.
2. Reduce or eliminate human interactions involved

Contents
1. Introduction:
1.1 Infra Setup
1.2 Infra Events and closure
1.3 About the tool used: UFT
2. The Existing System
2.1 Process Involved In Acknowledging Events/Incidents
2.2 Process Involved in Acknowledging Events/Incidents (user related)
2.3 Process Involved in Acknowledging Events/Incidents (S3 Bucket related)
3. Difficulties of Existing solution
4. Benefits of implementing IFS in the existing solution
4.1 Benefits achieved by implementing Automation in the project
5. Requirements
5.1 Functional Requirements
5.2 Non Functional Requirements
6. Scope
6.1 In scope
6.2 Out of Scope
7. System Design overview
7.1 Development Environment
7.2 Solution Design approach
8. Future Course of Action
8.1 Deploying VPC
8.2 Launching EC-2 Instances
8.3 Creating S3 Buckets
9. Automating Infra Events using IFS Solution:
9.1 Automating EC-2 Instances:
9.1.1 Auto Starting EC-2 Instances
9.1.2 Auto Stopping EC-2 Instances
9.2 Automating S3 Buckets:
9.2.1 Event Handling in S3 Bucket
9.2.2 Event Handling in S3 Bucket
10. Configuring SNS Service
11. Amazon CloudTrail
12. Abbreviation used in Report:
13. References
14. Checklist


1. Introduction:

Cloud computing is a domain which provides n number of services and various IT platforms for building/maintaining IT Infra. While the benefits of private clouds can be compelling for many IT organizations' requirements, sometimes organizations require a combination of these benefits along with the advantages of public cloud. In such circumstances, a hybrid cloud may prove to be the better choice.

Infra Free Solution (IFS) is a proposed model for all IT organizations to automate infrastructure events. Infra Free Solution (IFS) is a collection of scripts that comprises all the details required for automating the infrastructure events which take place in all IT organizations. Infra Free Solution (IFS) enables the automation feasibility for daily and repeated events, which consume most of the time of employees.

Handling these IT infrastructure events manually is a very tedious and time-consuming job since it requires referring to a lot of documents and data, which will lead to the failure of on-time delivery to the customer. To overcome this problem, I have decided to automate some typical and repeated infrastructure events through the Infra Free Solution (IFS) design, which would preferably give the solution for these delivery and time constraints.


1.1 Infra Setup

IT infra can be of various types based on the requirements/users/applications etc. In my project, I have planned a small infra setup, which includes the following:

1. BITS domain containing two Windows servers and one Linux machine.

2. Five users with different backgrounds and access levels.

3. Sales, HR, Infra Departments (Role)

4. Three S3 Buckets for individual storage of each department (HR/Sales/Infra)

5. AWS Lambda for automating IT events.

1.2 Infra Events and closure

As mentioned above, events can be of any type, including logging issues, unauthorized access, S3 Bucket upload/delete/create, cloud instance related issues, etc. All these events, which can also be called incidents for security purposes, can consume a lot of time when the System Admin has to log in and check them manually.

Considering the above facts, I have planned to automate the following IT incidents/events and their closure with the use of Infra Free Solution (IFS).

1. Unauthorized access of S3 Buckets in our environment.

2. Creation of S3 Buckets/ users in our environment.

3. Deletion of S3 Buckets/users in our environment.

4. Cloud instances going Down/UP in our environment.

The objective is to reduce System Admin effort and to close the repetitive IT events/incidents in our environment automatically. The scripts can be enhanced or modified and used, with minimal modifications, for other events that have similar functionality and for future iterations of the project.

1.3 About the tool used: UFT

Amazon Lambda is used to automate the test cases and test IT events. A private cloud is being used. At the time of implementation (while building the infra), the test objectives will not change; only the events that take place in our environment will change, as per the test requirement.

2. The Existing System

A system engineer must be assigned to acknowledge the alerts generated by our environment. The IT Admin has to manually log in, check, and verify each alert that is triggered. For each alert or incident, an incident number is generated, and it then needs to be tracked until it gets fixed. Hence, as a first step, a System Admin has to be appointed to acknowledge all the alerts and the details of each event.

2.1 Process Involved In Acknowledging Events/Incidents

Manual Process:

Step1. A system engineer needs to log in to the IT environment.

Step2. Engineer captures event details. (Date/time when event occurred)

Step3. Engineer checks the associated permission of the user for the particular task/action.

Step4. Engineer takes necessary action according to the organization’s policy and user’s authorization.

Step5. Engineer notifies the respective team and management regarding the incident and then closes the case.

All the above-mentioned steps require an engineer to log in and manually verify events, which takes approximately 15 to 20 minutes.

For example, if an engineer wants to work on 10 alerts/incidents, he has to spend 15*15 = 225 minutes, which is approximately 3.75 hours of manual effort.

Automated Process:

The automated process has not been tested yet. Once Amazon Lambda is deployed in our infra, we can get the approximate time for handling each alert/event.

2.2 Process Involved in Acknowledging Events/Incidents (user related)

Manual Process:

Step1. A system engineer needs to log in to the IT environment.

Step2. Engineer captures event details. (User details)

Step3. Engineer checks the associated permission for the user.

Step4. Engineer takes necessary action according to the organization’s policy and user’s requirement.

Step5. Engineer notifies the respective team and management regarding the incident and then closes the case.

All the above-mentioned steps require an engineer to log in and manually verify events/requests, which takes approximately 15 to 20 minutes.

For example, if an engineer wants to work on 10 alerts/incidents, he has to spend 15*15 = 225 minutes, which is approximately 3.75 hours of manual effort.

Automated Process:

The automated process has not been tested yet. Once Amazon Lambda is deployed in our infra, we can get the approximate time for handling each alert/event.

2.3 Process Involved in Acknowledging Events/Incidents (S3 Bucket related)

Manual Process:

Step1. A system engineer needs to log in to the IT environment.

Step2. Engineer captures event details. (User’s details/bucket’s details)

Step3. Engineer checks the associated permission for the user.

Step4. Engineer takes necessary action according to the organization’s policy and user’s requirement.

Step5. Engineer notifies the respective team and management regarding the incident and then closes the case.

All the above-mentioned steps require an engineer to log in and manually verify events/requests, which takes approximately 15 to 20 minutes.

For example, if an engineer wants to work on 10 alerts/incidents, he has to spend 15*15 = 225 minutes, which is approximately 3.75 hours of manual effort.

Automated Process:

The automated process has not been tested yet. Once Amazon Lambda is deployed in our infra, we can get the approximate time for handling each alert/event.

Our Automated workflow will be like:


3. Difficulties of Existing solution

Existing IT organizations use a typical IT infra, which contains many upfront hardware resources, a work force and a big office. All of this together requires a team to manage it. Thus, it adds more human interaction, which results in continuously increasing demand for infra/space.

Apart from this, human interaction takes more time to complete an assigned task as compared to an automated job.

There is always a possibility of errors where humans are involved.

Now, in a world of competition, we need to provide reliable, secure, and fast solutions to our customers, so we need to offer automation for repetitive jobs, which takes less time and provides more profit.

4. Benefits of implementing IFS in the existing solution

The idea is to implement automation for event handling in our environment.

The following are the benefits of implementing the IFS framework for legacy applications, especially a banking suite:

• Consistency of event handling
• Needs less time to handle the complete event cycle
• Supports automation
• Easy to schedule scripts using Amazon Lambda, which saves the effort of running scripts manually
• Usage of fewer resources
• Reduces cost through executing automation scripts in various IT cloud environments
• Complete automation of event handling
• Repeatability
• Coverage
• Reliability
• Increases robustness of the application

4.1 Benefits achieved by implementing Automation in the project

One of the biggest strengths of AWS Lambda functions is the reduced cost of execution. In a traditional web application, with code hosted on, and accessible through, an EC2 instance in AWS, you need to pay for the server usage regardless of whether or not your API is actually in use. This idle-time cost can be very expensive, depending on the particulars of the instance you are working with. With AWS Lambda functions, you only pay for the computing costs that your code makes use of. AWS Lambda functions are billed by the millisecond of CPU time, instead of as a flat and scaling fee based on usage. We don’t need to worry about scaling our instance (for the most part; AWS does request that you inform them of any massive changes in scale), nor do we need to worry about spinning up an instance or web server. AWS handles all this for us.

If our code is only active for one hour, we only pay for one hour, greatly reducing our cost of execution. Furthermore, the first million (yes, 1,000,000) requests per month are free of charge. This means that if we never exceed a million requests (with some transfer limits), we’ll never have to pay a dime!

• Automation scripts can manage the complete handling of environment events.
• Automated scripts can reduce human interaction to almost zero.
• After alert fixes, fresh data creation using automation is easy and helps to validate continuous changes in configuration and customization setups.
• Automation immensely helps in validating pricing test scenarios. Data creation (user creation/bucket creation etc.) using automated scripts, after a database refresh, effectively reduces the effort and shows the client that automation will benefit them by reducing time and work force.
• The automation of IT events/alerts is helpful for current projects, and this framework can be used for other IT environments as well.

5. Requirements

5.1 Functional Requirements

As described in detail in the initial Introduction and Problem Description, there is a strong requirement for automating the current IT environments, since these infra/applications/services are the core of any IT organization. The requirements are classified in further detail below.

The following are the leading features that are to be included while automating this IT infra.

FR1. Create any number of AWS instances with combination of customer type application type with required configurations.

FR2. Create number of users as per organization need.

FR3. Create any number of user groups to assign various roles and permissions.

FR4. Perform event handling for all available user accounts.

FR5. Perform negative scenarios for all user’s authorizations.

FR6. Perform multiple tests for each event type.

FR7. Can perform creation, deletion and closure for any number of alerts to check the error and exception handling.

5.2 Non Functional Requirements

NR1. The system should be a cloud environment.

NR2. The system should be in working condition

NR3. Amazon Lambda’s trigger should be simple and able to execute by anyone.

NR4. Provide reliability.

NR5. Make the events handling faster and accurate.

NR6. Testing with multiple iterations of events would help to increase the confidence level on the product.

6. Scope
6.1 In scope

Scope of work is to automate the following events/alerts:

1. Unauthorized access of S3 Buckets in our environment.

2. Creation of S3 Buckets/ users in our environment.

3. Deletion of S3 Buckets/users in our environment.

4. Cloud instances going Down/UP in our environment.

The number of test cases for the above events varies. We will show some basic repetitive scenarios. It takes approximately 20 person days to test these scenarios manually, and the aim is to reduce the timeline to 5 person days.

6.2 Out of Scope

The aim is to automate the most repetitive IT events/alerts. Other project-specific scenarios are out of scope in this project.

7. System Design overview

The following section gives an overview of the conclusions reached during the Design Phase of the dissertation. The section also aims at providing a brief description of the high level system architecture.

7.1 Development Environment

Operating System – Windows Server 2016 Datacenter edition, Amazon Linux AMI 2017

Automation Tool – Amazon Lambda

7.2 Solution Design approach

After a thorough analysis of the requirements of the event types (taking into consideration the testing cycles, duration of testing, stability of the environment, reusability etc.), a function-based, event-driven framework is used for the Infra Free Solution project.

When AWS Lambda executes our Lambda function on our behalf, it takes care of provisioning and managing the resources needed to run our Lambda function. When we create a Lambda function, we specify configuration information, such as the amount of memory and maximum execution time that we want to allow for our Lambda function. When a Lambda function is invoked, AWS Lambda launches a container (that is, an execution environment) based on the configuration settings we provided.

8. Future Course of Action


8.1 Need to create VPC environment in our Infra.

8.2 Need to design flow for automating infra events.

8.3 Need to deploy Amazon Lambda function in our environment.

8.4 Need to calculate the estimated time for event handling after deploying AWS Lambda.


AWS DASHBOARD:


8.1 Deploying VPC

Amazon VPC enables us to use our own isolated resources within the AWS Cloud and connect those resources directly to our data center.

Below are the steps to deploy a VPC.

a. Log in to the AWS console and go to the VPC Dashboard.

b. We can use either the ‘Start VPC Wizard’ or the ‘Your VPC’ option for creating our VPC.

c. We need to create subnets under our BITS VPC. Use the CIDR format to specify our subnet's IP address block (e.g., 10.0.0.0/24).

Public Subnet: Instances deployed under the BITS_Public subnet will have internet access.

Private Subnet: Instances deployed under the BITS_Private subnet will have no internet access.

d. After defining subnets, we need to create an Internet Gateway for our VPC. An Internet gateway is a virtual router that connects a VPC to the Internet.

e. We also need to define a Route Table for our VPC. A route table specifies how packets are forwarded between the subnets within our VPC, the Internet, and our VPN connection.

f. So now, we have the below VPC in our environment.

VPC: BITS
Subnets: BITS_Public & BITS_Private
Internet Gateway (IGW): Bits-IGW

8.2 Launching EC-2 Instances


We can launch various ec-2 instances as per our requirement from the EC-2 Dashboard. I have used a free tier account in AWS and launched three ec-2 instances.

1. Windows Server 2016 Base (2 Instances as Non-Prod Server)

2. Amazon Linux AMI (single instance as Prod Server)

These two ec-2 instances are Free-tier eligible. As per the customer requirement, we can also go with any of the available paid instances.

The below steps have been followed for launching an ec-2 instance in our environment.

a. Log in to the AWS console and go to the EC-2 Dashboard.

b. Select the below free tier eligible Windows Server AMI.

c. Provide the required details for configuring our EC-2 instance.

d. Add storage to our ec-2 instance.

e. Assign an appropriate tag to our ec-2 instance so it can be identified easily in our environment.

f. Configure the Security Group details for our ec-2 instance.

g. Review all provided configuration and settings and launch our ec-2 instance.

h. Create a new Key Pair for our ec-2 instance and save it in a secure place. These keys help us to get the password for our ec-2 instance.

i. Once we are done with all the above steps, we can finally launch our instances. After launching our ec-2 instances, the Dashboard will look like below:

Note: The same steps have to be followed for launching any version or any AWS instance type.

8.3 Creating S3 Buckets


We can create S3 buckets in our cloud environment using the Amazon S3 service. S3 is a safe place to store our files. It is object-based storage; data is spread across multiple devices and facilities. A file in S3 can be from 0 bytes up to five TB in size. S3 uses a universal namespace, so our bucket name must be globally unique. S3 provides 99.99% availability and 99.999999999% durability.

Below steps have been followed for launching ec-2 instance in our environment.

a. Log in to the AWS console and go to the S3 Dashboard.

b. Select ‘Create Bucket’ and provide the required details.

c. Set the required permission for our S3 Bucket.

d. Once we are done, we can deploy our S3 bucket successfully.

We can follow all the above steps in order to create n-number of S3 Buckets in our environment.

9. Automating Infra Events using IFS Solution:

9.1 Automating EC-2 Instances:

9.1.1 Auto Starting EC-2 Instances

Cloud service providers charge us on the basis of the resources we use and run. For organizations, it is possible that a few of their servers are unused during nights and weekends. However, if our instances are running, we are charged whether we use them or not. To overcome this issue and save overall cost, we should stop our unused EC2 instances at night as well as on weekends. This can reduce overall cost by 30-40%.

We can either stop our EC2 instances manually or set a schedule to auto start/stop EC2 instances. If we have a large number of running instances, the manual method may not be possible or might be too irritating. However, we can schedule auto start/stop of EC2 instances at regular intervals using Lambda functions. In this solution (IFS Solution), we give a step-by-step guide on how to start and stop our EC2 instances at specific times, nights, and/or weekends.

To Schedule Auto Start EC2 Instance, we need to perform the following tasks.

1. Create a Lambda Function.

2. Create an Event Schedule.

3. Test and Validate our EC2 Schedule.

Create an Auto Start EC2 Instance Lambda Function

To create a Lambda function we need to perform the following steps:

• Open the AWS Lambda Console and click Create a Lambda Function as shown in the following figure to create a Lambda function.

• On the Select Blueprint page, click on Blank Function to choose it as shown in the following figure.

• On the Configure Triggers page, click Next to proceed.

• On the Configure Function page, set the following values:

    • Name: Auto_Start_EC2

    • Description: Auto Start EC2 Instance

    • Runtime: Python 2.7.

• In the Code entry type area, type the following script carefully.

Note: The Instance-IDs mentioned in the code are the ones used in our solution and can be replaced accordingly.

• On the same page, scroll down to the Lambda function and handler section, select Create a custom role, and attach the below code for the created role.

• Click Save to save the changes. Click Allow and return to the Lambda Function console.

• On the same page, scroll down to the Advanced Settings section and set the Timeout value to more than 10 sec.

• Finally, click Next to proceed. On the Review page, click Create Function to complete the wizard.

• To test that our function works properly, make sure that the instance we mentioned while creating the Lambda function is stopped.

• Click on the Test tab and then click Save and Test. If everything goes fine, we will see a script execution result something like the one below.

To verify that the instance is started, go to the EC2 running instance list and check the status of the instance we mentioned in the script.

Creating an Auto Start Event Schedule Rule

Now we have created the Lambda function and IAM role; however, we have still not defined the time when this instance should start. For this, we need to create an Event scheduler.

• Open the CloudWatch console and click Rules in the left pane.

• On the Create Rule page, select the Schedule button.

• In the Cron expression box, set the desired time when we want to start our instances. In our case, we have set it to start at 4.30 PM IST daily.

• In the right pane, select Lambda Function as the target and then select the name of the Lambda function we created previously.

• Click Configure details to proceed. On the Configure details page, specify the rule name and description, and complete the wizard.

Test and Validate Auto Start EC2 Schedule

Now we have done all the steps. Just wait for the time we mentioned in the schedule expression and verify that our instance starts automatically.

Using a similar process, we can also schedule an auto stop event for specific instances at a specific time.

Important Note: Scheduled events use the UTC time zone.
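An added example (not part of the original dissertation) for the UTC note above: it converts a local schedule such as the 4.30 PM IST start into the six-field cron expression that a CloudWatch Events schedule rule takes. The function name `to_utc_cron` is an assumption of this example, and it goes beyond the daily case to weekday schedules, where the UTC conversion can move the run to the previous or next day.

```python
"""Added example: local time -> UTC cron expression for a schedule rule."""
import re

# Day names accepted in the day-of-week field, Monday first for easy shifting.
DAYS = ["MON", "TUE", "WED", "THU", "FRI", "SAT", "SUN"]
TIME_RE = re.compile(r"^([01]\d|2[0-3]):([0-5]\d)$")
OFFSET_RE = re.compile(r"^([+-])(\d{2}):([0-5]\d)$")


def to_utc_cron(local_time, utc_offset, weekdays=None):
    """Return 'cron(Minutes Hours Day-of-month Month Day-of-week Year)' in UTC.

    local_time -- 'HH:MM' in the operator's time zone
    utc_offset -- offset of that zone from UTC, e.g. '+05:30' for IST
    weekdays   -- local weekday names (e.g. ['MON', 'FRI']) or None for daily
    """
    t = TIME_RE.match(local_time)
    if not t:
        raise ValueError("local_time must be HH:MM, got %r" % local_time)
    o = OFFSET_RE.match(utc_offset)
    if not o:
        raise ValueError("utc_offset must look like +05:30, got %r" % utc_offset)

    offset = int(o.group(2)) * 60 + int(o.group(3))
    if o.group(1) == "-":
        offset = -offset

    local_minutes = int(t.group(1)) * 60 + int(t.group(2))
    # day_shift is -1 when the UTC time falls on the previous day,
    # +1 when it falls on the next day, 0 otherwise.
    day_shift, utc_minutes = divmod(local_minutes - offset, 24 * 60)
    hour, minute = divmod(utc_minutes, 60)

    if weekdays is None:
        # Daily: day-of-week must be '?' when day-of-month is given.
        return "cron(%d %d * * ? *)" % (minute, hour)

    names = [d.upper() for d in weekdays]
    unknown = [d for d in names if d not in DAYS]
    if unknown or not names:
        raise ValueError("weekdays must be names from %s" % DAYS)
    shifted = sorted({(DAYS.index(d) + day_shift) % 7 for d in names})
    # Day-of-week given, so day-of-month becomes '?'.
    return "cron(%d %d ? * %s *)" % (minute, hour, ",".join(DAYS[i] for i in shifted))


if __name__ == "__main__":
    # The daily 4.30 PM IST start from the text.
    print(to_utc_cron("16:30", "+05:30"))
    # Constructed case: a 02:00 IST weekday run lands on the previous UTC day.
    print(to_utc_cron("02:00", "+05:30", ["MON", "TUE", "WED", "THU", "FRI"]))
```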

9.1.2 Auto Stopping EC-2 Instances

Cloud service providers charge us on the basis of the resources we use and run. For organizations, it is possible that a few of their servers are unused during nights and weekends. However, if our instances are running, we are charged whether we use them or not. To overcome this issue and save overall cost, we should stop our unused EC2 instances at night as well as on weekends. This can reduce overall cost by 30-40%.

We can either stop our EC2 instances manually or set a schedule to auto start/stop EC2 instances. If we have a large number of running instances, the manual method may not be possible or might be too irritating. However, we can schedule auto start/stop of EC2 instances at regular intervals using Lambda functions. In this solution (IFS Solution), we give a step-by-step guide on how to start and stop our EC2 instances at specific times, nights, and/or weekends.

To Schedule Auto Stop EC2 Instance, we need to perform the following tasks.

1. Create a Lambda Function.

P a g e 32 | 57
Infra Free Solutions (IFS)

2. Create an Event Schedule.

3. Test and Validate our EC2 Schedule.

Create an Auto Stop EC2 Instance Lambda Function

To create a Lambda function we need to perform the following steps:

• Open the AWS Lambda Console and click Create a Lambda Function, as shown in the following figure, to create a Lambda function.

• On the Select Blueprint page, click Blank Function to choose it, as shown in the following figure.


• On the Configure Triggers page, click Next to proceed.

• On the Configure Function page, set the following values:

  • Name: Auto_Stop_EC2

  • Description: Auto Stop EC2 Instance

  • Runtime: Python 2.7

• In the Code entry type area, type the following script carefully.


Note: The Instance-IDs mentioned in the code are the ones used in our solution and can be replaced accordingly.

• On the same page, scroll down to the Lambda function and handler section, select Create a custom role, and attach the code below to the created role.


• Click Save to save the changes. Click Allow and return to the Lambda Function console.

• On the same page, scroll down to the Advanced Settings section and set the Timeout value to more than 10 sec.

• Finally, click Next to proceed. On the Review page, click Create Function to complete the wizard.

• To test that our function works properly, make sure that the instance we mentioned while creating the Lambda function is stopped.

• Click on the Test tab and then click Save and Test. If everything goes fine, we will see a script execution result like the one below.


To verify that the instance is started, go to the EC2 running instances list and check the status of the instance we mentioned in the script.

Creating an Auto Stop Event Schedule Rule

Now we have created the Lambda function and the IAM role; however, we have still not defined the time when this instance should start. For this, we need to create an Event scheduler.

• Open the CloudWatch console and click Rules in the left pane.

• On the Create Rule page, select the Schedule button.

• In the Cron expression box, set the desired time when we want to start our instances. In our case, we have set it to start at 4.35 PM IST daily.

• In the right pane, select Lambda Function as the Target and then select the name of the Lambda function we created previously.


• Click Configure details to proceed. On the Configure details page, specify the rule name and description, and complete the wizard.

Test and Validate Auto Stop EC2 Schedule

Now we have done all the steps. Just wait for the time we mentioned in the schedule expression and verify that our instance stops automatically.

Using a similar process, we can also schedule an auto stop event for specific instances at a specific time.

Important Note: Scheduled events use the UTC time zone.
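The following Python 3 code is an added example, not the dissertation's own script (which is not reproduced on this page). It converts an IST schedule such as the 4.35 PM one above into the UTC cron expression that CloudWatch Events evaluates, including the weekday shift when the UTC time falls on the previous day, and it stops only those listed instances that are actually running. The `INSTANCE_IDS` environment variable and all function names are assumptions made for this example.

```python
import os
from datetime import datetime, timedelta

IST_OFFSET = timedelta(hours=5, minutes=30)   # IST is UTC+05:30 with no daylight saving
DAYS = ["SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT"]


def ist_to_utc_cron(hour, minute, days=None):
    """Return a CloudWatch Events cron expression (evaluated in UTC) for an IST time.

    days: IST weekday names such as ["MON", "FRI"]; None means every day.
    """
    local = datetime(2017, 1, 1, hour, minute)      # arbitrary anchor date
    utc = local - IST_OFFSET
    shift = (utc.date() - local.date()).days        # -1 when UTC is still the previous day
    if days is None:
        return "cron(%d %d * * ? *)" % (utc.minute, utc.hour)
    utc_days = [DAYS[(DAYS.index(d) + shift) % 7] for d in days]
    return "cron(%d %d ? * %s *)" % (utc.minute, utc.hour, ",".join(utc_days))


def stop_running(instance_ids, ec2):
    """Stop only the listed instances that are currently running; return their IDs."""
    resp = ec2.describe_instances(InstanceIds=instance_ids)
    running = [inst["InstanceId"]
               for res in resp["Reservations"]
               for inst in res["Instances"]
               if inst["State"]["Name"] == "running"]
    if running:
        ec2.stop_instances(InstanceIds=running)
    return running


def lambda_handler(event, context):
    """Lambda entry point. INSTANCE_IDS is a hypothetical comma-separated env variable."""
    ids = [i for i in os.environ.get("INSTANCE_IDS", "").split(",") if i]
    if not ids:
        return {"stopped": []}                      # refuse to run without explicit targets
    import boto3                                    # AWS SDK, present in the Lambda runtime
    return {"stopped": stop_running(ids, boto3.client("ec2"))}


if __name__ == "__main__":
    print(ist_to_utc_cron(16, 35))                  # the 4.35 PM IST daily schedule
    print(ist_to_utc_cron(1, 0, ["MON"]))           # 01:00 IST Monday is still Sunday in UTC
```

For this handler, the execution role needs only `ec2:DescribeInstances` and `ec2:StopInstances` in addition to permission to write its logs.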


9.2 Automating S3 Buckets:

9.2.1 Event Handling in S3 Bucket

The Amazon S3 notification feature enables us to receive notifications when certain events happen in our bucket. To enable notifications, we must first add a notification configuration identifying the events we want Amazon S3 to publish, and the destinations where we want Amazon S3 to send the event notifications.

Handling ALL_OBJECT_CREATED Events

In this scenario, Amazon S3 sends notifications for the following events:

An object created event – We choose ObjectCreated (All) when configuring our events in the console to enable notifications whenever an object is created in our bucket. Alternatively, we can select one or more of the specific object-creation actions to trigger event notifications. These actions are “Put, Post, Copy, and CompleteMultiPartUpload”.

We need to follow these steps to configure events in S3 buckets:

1. Go to Amazon S3 and select our S3 Bucket.

2. After selecting S3 Bucket, go to Bucket Properties and select Events.


3. In Events setting, we can Add Notification as shown below.


Amazon S3 uses SNS (Simple Notification Service) to send us email notifications.


9.2.2 Event Handling in S3 Bucket


The Amazon S3 notification feature enables us to receive notifications when certain events happen in our bucket. To enable notifications, we must first add a notification configuration identifying the events we want Amazon S3 to publish, and the destinations where we want Amazon S3 to send the event notifications.

Handling ALL_OBJECT_DELETED Events

In this scenario, Amazon S3 sends notifications for the following events:

An object delete event – We select ObjectDelete (All) when configuring our events in the console to enable notifications whenever an object is deleted. Alternatively, we can select Delete to trigger event notifications when an un-versioned object is deleted or a versioned object is permanently deleted.

We need to follow these steps to configure events in S3 buckets:

1. Go to Amazon S3 and select our S3 Bucket.

2. After selecting S3 Bucket, go to Bucket Properties and select Events.

3. In Events setting, we can Add Notification as shown below.


Amazon S3 uses SNS (Simple Notification Service) to send us email notifications.
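The notification that S3 publishes for the created and deleted events in sections 9.2.1 and 9.2.2 is a JSON document. The Python 3 code below is an added example (not part of the dissertation) that parses such a message and reports what happened, to which object, by whom and from which address. The sample message is constructed, and its bucket, keys, principal and IP address are placeholders.

```python
import json
from urllib.parse import unquote_plus

KINDS = {"ObjectCreated": "created", "ObjectRemoved": "deleted"}


def summarize_s3_event(message):
    """Return one summary dict per record of an S3 event notification (JSON text)."""
    summaries = []
    # S3 sends an "s3:TestEvent" message with no Records when a notification is first saved.
    for rec in json.loads(message).get("Records", []):
        if rec.get("eventSource") != "aws:s3":
            continue
        family, _, action = rec["eventName"].partition(":")
        summaries.append({
            "kind": KINDS.get(family, "other"),
            "action": action,
            "bucket": rec["s3"]["bucket"]["name"],
            # Object keys arrive URL-encoded (a space becomes "+"); decode before lookups.
            "key": unquote_plus(rec["s3"]["object"]["key"]),
            "principal": rec.get("userIdentity", {}).get("principalId"),
            "source_ip": rec.get("requestParameters", {}).get("sourceIPAddress"),
            "time": rec.get("eventTime"),
        })
    return summaries


# Constructed sample message; bucket, keys, principal and IP are placeholders.
SAMPLE = json.dumps({"Records": [
    {"eventSource": "aws:s3", "eventTime": "2017-04-01T11:05:00.000Z",
     "eventName": "ObjectCreated:Put",
     "userIdentity": {"principalId": "AWS:EXAMPLEPRINCIPAL"},
     "requestParameters": {"sourceIPAddress": "203.0.113.10"},
     "s3": {"bucket": {"name": "example-bucket"},
            "object": {"key": "reports/q1+summary%282017%29.csv", "size": 1024}}},
    {"eventSource": "aws:s3", "eventTime": "2017-04-01T11:06:00.000Z",
     "eventName": "ObjectRemoved:Delete",
     "userIdentity": {"principalId": "AWS:EXAMPLEPRINCIPAL"},
     "requestParameters": {"sourceIPAddress": "203.0.113.10"},
     "s3": {"bucket": {"name": "example-bucket"},
            "object": {"key": "reports/old.csv"}}},
]})

if __name__ == "__main__":
    for item in summarize_s3_event(SAMPLE):
        print(item["time"], item["kind"], item["bucket"], item["key"], item["source_ip"])
```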


10. Configuring SNS Service


Amazon Simple Notification Service (Amazon SNS) is a web service that coordinates and
manages the delivery or sending of messages to subscribing endpoints or clients.

1. Go to AWS Services; under Messaging, select Simple Notification Service (SNS). It will take us to the page below.

2. Select ‘create new topic’. Here I am using the SNS service to be notified for our Lambda Function for EC-2 instances.


3. Once the topic is created, we need to subscribe to it as shown below:

4. To add an email address, choose Create subscription. For Protocol, choose Email. For
Endpoint, type the email address of the new recipient.


5. Once the subscription is done, we receive a notification at the provided email address for confirmation, as shown below:

Once we confirm the subscription, we get a subscription confirmation message as shown below:

6. Once the subscription is completed, we need to publish our topic as shown below:

Once we select ‘Publish a topic’, we can define our notification structure as below:


7. Once we publish a topic, we receive an email at the provided email address.


11. Amazon CloudTrail


AWS CloudTrail helps us enable governance, compliance, and operational and risk auditing of
our AWS account. Actions taken by a user, role, or an AWS service are recorded as events in
CloudTrail.
When activity occurs in your AWS account, that activity is recorded in a CloudTrail event. You
can easily view events in the CloudTrail console by going to Event history.

Event history allows us to view, search, and download the past seven days of supported activity
in our AWS account. We can create a CloudTrail trail to further archive, analyze, and respond to
changes in our AWS resources.
A trail is a configuration that enables delivery of events to an Amazon S3 bucket that we
specify. We can also deliver and analyze events in a trail with Amazon CloudWatch Logs and
Amazon CloudWatch Events.

Amazon CloudTrail Dashboard:


Amazon Trails

Amazon CloudTrail delivers logs to an Amazon S3 bucket. CloudTrail events can be processed
by one trail for free.

We can create two types of trails:

A trail that applies to all regions

When you create a trail that applies to all regions, CloudTrail creates the same trail in each
region. It then records events in each region and delivers the CloudTrail event log files to an S3
bucket that you specify. This is the default option when you create a trail in the CloudTrail
console.

A trail that applies to one region

When you create a trail that applies to one region, CloudTrail records the log files in that region
only. It then delivers the CloudTrail event log files to an S3 bucket that you specify. If you
create additional single trails, you can have those trails deliver CloudTrail event log files to the
same Amazon S3 bucket or to separate buckets.

Note: For both types of trails, you can specify an Amazon S3 bucket from any region.

Below are the steps to configure CloudTrail in our environment:

1. Go to Amazon Dashboard and select Amazon CloudTrail under Management Tools.


2. In CloudTrail Dashboard, create Trail as shown below:


To be notified through emails and to keep an eye on our infra/environment, I have configured a
CloudWatch Rule to identify an event and keep us updated about occurred events.


We are notified for each action taken on our S3 buckets like below:

We can set any number of rules and CloudWatch events to monitor our infra by following the above
steps.
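To show what such a rule selects, the Python 3 code below is an added example (the dissertation's own rule is not reproduced on this page). It writes an event pattern for S3 API calls recorded by CloudTrail, applies the same exact-value matching locally, and builds one alert line per matching event. The events are constructed, and the account ID, user, bucket and IP address are placeholders.

```python
# Rule pattern: every key must match; each leaf lists the allowed values.
S3_API_PATTERN = {
    "source": ["aws.s3"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["s3.amazonaws.com"]},
}


def matches(pattern, event):
    """Exact-value matching only (no prefix or numeric operators)."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        else:
            values = have if isinstance(have, list) else [have]
            if not any(v in want for v in values):
                return False
    return True


def notify_lines(events, pattern=S3_API_PATTERN):
    """One alert line per matching event: when, what, which bucket, who, from where."""
    lines = []
    for ev in events:
        if not matches(pattern, ev):
            continue
        d = ev["detail"]
        params = d.get("requestParameters") or {}   # CloudTrail may record null here
        lines.append("%s %s bucket=%s by=%s ip=%s" % (
            d.get("eventTime"), d.get("eventName"), params.get("bucketName"),
            (d.get("userIdentity") or {}).get("arn"), d.get("sourceIPAddress")))
    return lines


# Constructed events; account ID, user, bucket and IP are placeholders.
WHO = {"arn": "arn:aws:iam::111122223333:user/example-user"}
SAMPLE_EVENTS = [
    {"source": "aws.s3", "detail-type": "AWS API Call via CloudTrail",
     "detail": {"eventSource": "s3.amazonaws.com", "eventName": "PutBucketAcl",
                "eventTime": "2017-04-01T11:05:00Z", "sourceIPAddress": "203.0.113.10",
                "userIdentity": WHO, "requestParameters": {"bucketName": "example-bucket"}}},
    {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
     "detail": {"eventSource": "ec2.amazonaws.com", "eventName": "StopInstances",
                "eventTime": "2017-04-01T11:06:00Z", "sourceIPAddress": "203.0.113.10",
                "userIdentity": WHO, "requestParameters": None}},
]

if __name__ == "__main__":
    print("\n".join(notify_lines(SAMPLE_EVENTS)))
```

Only bucket-level API calls reach a rule like this unless the trail also records S3 data events, which cover object-level operations.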


12. Abbreviation used in Report:


AWS: Amazon Web Service

AWS EC-2: Amazon Elastic Compute Cloud

AWS S3: Amazon Simple Storage Service

AWS VPC: Amazon Virtual Private Cloud

AWS SNS: Amazon Simple Notification Service

AWS IAM: Amazon Identity & Access Management

IGW: Internet Gateway

TTL: Time to Live



14. Checklist
