Skip to main content
All CollectionsFor InstructorsAssignment Setup
AWS Lab
AWS Lab

Creating an AWS Cloud Lab in Vocareum Notebook

K
Written by Kevin Wesley
Updated over a week ago

Creating an Assignment

From your course page select the 'Edit Assignments' tab and then navigate to and select the 'New Assignment' tab.

Enter the title of your assignment and press 'Save and Continue'

Enabling cloud resources in the Part settings.

Select 'Part 1' to access the Part settings of your Assignment

From the Part settings navigate to Resources. Select your Cloud Vendor from the dropdown (In this case AWS). When you have made your selections, click 'Save Part' before moving on.

NOTE: Always select 'Save Part' before moving on to a different section of settings

Setting a Budget

In the same Part settings, navigate to Budgets. In this section you can determine multiple factors relating budgeting cloud resources for learners.

Budget can be set based on allotted time and spend. Per month or in total.

Scroll down the Budget settings further to specify resource management within the lab

Define session length by time (including extensions). Set 'End Lab' behavior to either terminate resources completely, or put them in a stopped state so the student can return to them how they were left. You can also set whether to terminate resources if a student needs to reset Vocareum lab back to its original state. When you have made your selections, click 'Save Part' before moving on.

Interface Options

In the same Part settings navigate to 'Interface'. Specific to cloud labs, you can set helpful features for students in the interface. From necessary controls such as start, stop and reset. To helpful information like a timer, active budget and progress of the lab in regards to cloud resources. When you have made your selections, click 'Save Part' before moving on.

Lab Policies

From the Assignment settings of your cloud lab, select Configure Workspace to navigate to the teacher authoring environment

Within the Vocareum Notebook select Files to open the File Browser

From the file browser open the /voc directory

Navigate to voc/private, and right-click to create a new file or upload your lab policy. The file must be labeled 'lab.policy'.

If you are not uploading an existing policy, create your file and select lab.policy to open the file editor. You can use the below example as a jumping off point by copying it into lab.policy. This example only permits the launch of smaller ec2 instances:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
           "cloudformation:ListStacks",
           "cloudformation:DescribeStackEvents",
           "cloudformation:GetTemplate",
           "cloudformation:ListStackResources",
           "cloudformation:DescribeStacks",
  "CloudWatch:List*",
  "CloudWatch:Get*",
  "CloudWatch:Describe*",
           "iam:List*",
           "iam:Get*",
           "iam:Describe*",
           "ec2:*"
        ],
          "Effect": "Allow",
          "Resource": "*"
    },
    {
      "Action": [
        "ec2:RunInstances"
      ],
      "Condition": {
        "StringNotEquals": {
          "ec2:InstanceType": [
            "t2.micro",
            "t2.small"
          ]
        }
      },
      "Effect": "Deny",
      "Resource": "arn:aws:ec2:*:*:instance/*"
    },
    {
      "Action": [
        "ec2:RunInstances"
      ],
      "Condition": {
        "NumericGreaterThan": {
          "ec2:VolumeSize": "13"
        }
      },
      "Effect": "Deny",
      "Resource": "arn:aws:ec2:*:*:volume/*"
    },
    {
      "Action": [
        "ec2:StartInstances"
      ],
      "Condition": {
        "StringNotEquals": {
          "ec2:InstanceType": [
            "t2.micro",
            "t2.small"
          ]
        }
      },
      "Effect": "Deny",
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Sid": "OnlyAllowTheseInstances"
    },
    {
      "Action": [
        "ec2:*Spot*"
      ],
      "Effect": "Deny",
      "Resource": "*"
    },
    {
      "Action": [
        "ec2:CreateVolume"
      ],
      "Condition": {
        "NumericGreaterThan": {
          "ec2:VolumeSize": "13"
        }
      },
      "Effect": "Deny",
      "Resource": "*",
      "Sid": "LimitVolumeSize"
    },
    {
      "Action": "ec2:RunInstances",
      "Condition": {
        "StringNotEqualsIgnoreCase": {
          "ec2:Owner": "amazon"
        }
      },
      "Effect": "Deny",
      "Resource": [
        "arn:aws:ec2:*:*:image/*"
      ]
    }
  ]
}<br>

Adding lab instructions (README.md)

From the file browser navigate to voc/docs. Right-click to upload or create a new file. The file must be named README.md

Select the file to open the file editor. Below is an example you can use as a jumping off point.

<h1>Sandbox Environment</h1>
<h3>Lab Overview</h3>
<p>This is a sandbox for ad-hoc exploration of AWS services.</p>
<ul>
    <li>Click "Start Lab" to start/restart the session timer and launch lab CloudFormation script (if any).</li>
    <li>Click "AWS" to launch the AWS Console in a new browser tab.</li>
    <li>Click "End Lab" to end your session.</li>
</ul>
<p>NOTE:  All resources are automatically cleaned up after your session is over.</p><br>

Did this answer your question?